HPC/hpc-cloud
7
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: HPC:umcg-0.1
Branches Tags
HPC:master HPC:develop HPC:merlin HPC:feature/add-variables HPC:merlin-develop HPC:feature/galera HPC:feature/cinder-volume-encryption
HPC:umcg-0.2 HPC:umcg-0.1
..
compare: HPC:30c453e32bbd1cf37d468b27450817051ee26ce2
Branches Tags
HPC:develop HPC:merlin HPC:master HPC:feature/add-variables HPC:merlin-develop HPC:feature/galera HPC:feature/cinder-volume-encryption
HPC:umcg-0.2 HPC:umcg-0.1

3 Commits
umcg-0.1 ... 30c453e32b

Author SHA1 Message Date
Egon Rijpkema
30c453e32b make a loop for more flexibility. 2017-09-19 17:11:34 +02:00
Egon Rijpkema
d0a2a7fc41 Updated url of docker registry. 2017-09-19 11:57:20 +02:00
Egon Rijpkema
07a89c6ce4 added cinder to site.yml 2017-08-31 15:02:47 +02:00
43 changed files with 157 additions and 591 deletions
Expand all files Collapse all files

2
ansible.cfg
View File

@ -1,2 +1,2 @@
[defaults] [defaults]
inventory = merlin hostfile = hosts

35
gcc-post-install.yml
View File

@ -1,35 +0,0 @@
---
- hosts: all
name: Dummy to gather facts
tasks: []
- hosts: keystone
become: True
vars_files:
- settings.yml
tasks:
- name: copy public key
copy:
content: "{{ rsa_pub }}"
dest: /srv/keystone/root/id_rsa.pub
- name: post install configuration
command: docker exec -i keystone.service bash -c "source /root/admin-openrc.sh && {{ item }}"
with_items:
- openstack network create --share --external --provider-physical-network provider --provider-network-type vlan --provider-segment 985 vlan985
- >
openstack subnet create --subnet-range 172.23.34.0/24 --gateway 172.23.34.1
--network vlan985 --allocation-pool start=172.23.34.50,end=172.23.34.60
--dns-nameserver 8.8.4.4 vlan985_subnet
- openstack network create --share --external --provider-physical-network provider --provider-network-type vlan --provider-segment 16 vlan16
- >
openstack subnet create --subnet-range 195.169.22.0/23 --gateway 195.169.23.251
--network vlan16 --allocation-pool start=195.169.22.237,end=195.169.22.237
--dns-nameserver 8.8.4.4 vlan16_subnet
- openstack flavor create --ram 4096 --disk 40 --vcpus 2 "Molgenis Dual"
- openstack flavor create --ram 16384 --disk 40 --vcpus 4 "Molgenis Quad 16GB"
- openstack flavor create --ram 8192 --disk 40 --vcpus 4 "Molgenis Quad 8GB"
- openstack keypair create --public-key /root/id_rsa.pub adminkey

14
gcc-site.yml
View File

@ -1,14 +0,0 @@
---
- include: common.yml
- include: rabbitmq.yml
- include: memcached.yml
- include: mariadb.yml
- include: keystone.yml
- include: glance-controller.yml
- include: nova-controller.yml
- include: neutron-controller.yml
- include: cinder-controller.yml
- include: cinder-storage.yml
- include: nova-compute.yml
- include: horizon.yml
- include: gcc-post-install.yml

4
generate_secrets.py
View File

@ -5,7 +5,6 @@ Open the secrets.yml and replace all passwords.
Original is backed up. Original is backed up.
""" """
from os import path
import random import random
import string import string
from subprocess import call from subprocess import call
@ -28,8 +27,7 @@ for key, value in data.iteritems():
for _ in range(pass_length)) for _ in range(pass_length))
# Make numbered backups of the secrets file. # Make numbered backups of the secrets file.
if path.isfile('secrets.yml'): call(['cp', '--backup=numbered', 'secrets.yml', 'secrets.yml.bak'])
call(['cp', '--backup=numbered', 'secrets.yml', 'secrets.yml.bak'])
with open('secrets.yml', 'w') as f: with open('secrets.yml', 'w') as f:
dump(data, f, Dumper=Dumper, default_flow_style=False) dump(data, f, Dumper=Dumper, default_flow_style=False)

9
heat.yml
View File

@ -1,9 +0,0 @@
---
- hosts: all
name: Dummy to gather facts
tasks: []
- hosts: heat
become: True
roles:
- heat

23
hosts
View File

@ -1,9 +1,5 @@
# A demo cluster of three nodes.
[databases] [databases]
openstack01-node01
openstack01-node02 openstack01-node02
openstack01-node03
[keystone] [keystone]
openstack01-node03 openstack01-node03
@ -19,11 +15,26 @@ openstack01-node01
openstack01-node02 openstack01-node02
openstack01-node03 openstack01-node03
#[cassandra]
#openstack01-node[01:03]
#openstack01-node01
#
#[next_cassandra]
#openstack01-node02
#openstack01-node03
[memcached] [memcached]
openstack01-node03 openstack01-node03
#[first_cassandra:vars]
#run_options=""
#
#[next_cassandra:vars]
#run_options="-e CASSANDRA_SEEDS=172.23.41.1"
[neutron-controller] [neutron-controller]
openstack01-node01 physical_interface_mappings=provider:ens192 openstack01-node01 provider_interface_name=ens192
[nova-controller] [nova-controller]
openstack01-node03 openstack01-node03
@ -35,4 +46,4 @@ openstack01-node03
openstack01-node01 storage_volume=/dev/loop0 openstack01-node01 storage_volume=/dev/loop0
[nova-compute] [nova-compute]
openstack01-node04 physical_interface_mappings=provider:enp4s0f0 openstack01-node04 provider_interface_name=dummy0

7
mariadb.yml
View File

@ -4,10 +4,3 @@
become: True become: True
roles: roles:
- mariadb - mariadb
vars:
hostname_node0: "{{ hostvars[groups['databases'][0]]['ansible_hostname'] }}"
hostname_node1: "{{ hostvars[groups['databases'][1]]['ansible_hostname'] }}"
hostname_node2: "{{ hostvars[groups['databases'][2]]['ansible_hostname'] }}"
ip_node0: "{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
ip_node1: "{{ hostvars[groups['databases'][1]]['listen_ip'] | default(hostvars[groups['databases'][1]]['ansible_default_ipv4']['address']) }}"
ip_node2: "{{ hostvars[groups['databases'][2]]['listen_ip'] | default(hostvars[groups['databases'][2]]['ansible_default_ipv4']['address']) }}"

37
merlin
View File

@ -1,37 +0,0 @@
[nova-compute]
merlin-managementnode002 physical_interface_mappings=provider:eno3
merlin-managementnode003 physical_interface_mappings=provider:eno3
merlin-node001 physical_interface_mappings=provider:eno3
merlin-node003 physical_interface_mappings=provider:eno3
merlin-node004 physical_interface_mappings=provider:eno3
[databases]
merlin-managementnode001
merlin-managementnode002
merlin-managementnode003
[rabbitmq]
merlin-managementnode001
merlin-managementnode002
merlin-managementnode003
[horizon]
merlin-managementnode001
[memcached]
merlin-managementnode001
[nova-controller]
merlin-managementnode001
[keystone]
merlin-managementnode001
[neutron-controller]
merlin-managementnode001 physical_interface_mappings=provider:eno3
[heat]
merlin-managementnode001
[glance-controller]
merlin-managementnode001

1
meta/main.yml
View File

@ -1 +0,0 @@
---

21
nuke.yml
View File

@ -1,21 +0,0 @@
---
# This playbook will reset the instalation to facilitate a new installation.
# All data is lost!
- hosts: all
become: True
name: Dummy to gather facts
tasks:
- name: Stop docker service
shell: "systemctl stop docker"
- name: Verify docker is stopped.
systemd:
name: docker
state: stopped
- name: remove volumes
shell: "rm -rf /srv"
- hosts: cinder-storage
become: True
tasks:
- name: wipe cinder storage.
shell: "dd if=/dev/zero of={{ storage_volume }} bs=1M count=1 && sync"

35
openstack03
View File

@ -1,35 +0,0 @@
[databases]
openstack03
[keystone]
openstack03
[glance-controller]
openstack03
[horizon]
openstack03
[rabbitmq]
openstack03
[memcached]
openstack03
[neutron-controller]
openstack03 physical_interface_mappings=provider:enp4s0f0
[nova-controller]
openstack03
[cinder-controller]
openstack03
[cinder-storage]
openstack03 storage_volume=/dev/sdb1
[nova-compute]
openstack03 physical_interface_mappings=provider:enp4s0f0
[all:vars]
listen_ip=172.23.40.243

37
os-test
View File

@ -1,37 +0,0 @@
# An all in one
[databases]
os-test
[keystone]
os-test
[glance-controller]
os-test
[horizon]
os-test
[rabbitmq]
os-test
[memcached]
os-test
[neutron-controller]
os-test physical_interface_mappings=provider:enp4s0f0
[nova-controller]
os-test
[cinder-controller]
os-test
[cinder-storage]
os-test storage_volume=/dev/sdb
[nova-compute]
os-test physical_interface_mappings=provider:enp4s0f0
[all:vars]
listen_ip=129.125.60.194

2
post-install.yml
View File

@ -19,7 +19,7 @@
- > - >
openstack subnet create --network provider openstack subnet create --network provider
--allocation-pool start={{ allocation_pool['start'] }},end={{ allocation_pool['end'] }} --allocation-pool start={{ allocation_pool['start'] }},end={{ allocation_pool['end'] }}
--dns-nameserver {{ dns_nameserver }} --gateway {{ gateway }} --subnet-range {{ subnet_range }} providersub --dns-nameserver {{ dns_nameserver }} --gateway {{ gateway }} --subnet-range {{ subnet_range }} provider
- openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano - openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
- openstack keypair create --public-key /root/id_rsa.pub adminkey - openstack keypair create --public-key /root/id_rsa.pub adminkey

5
roles/cassandra/tasks/main.yml
View File

@ -7,14 +7,9 @@
mode: 644 mode: 644
owner: root owner: root
group: root group: root
- name: install service file - name: install service file
command: systemctl daemon-reload command: systemctl daemon-reload
- name: make sure service is started - name: make sure service is started
systemd: systemd:
name: cassandra.service name: cassandra.service
state: started state: started
- name: start service at boot.
command: systemctl reenable cassandra.service

15
roles/cinder-controller/tasks/main.yml
View File

@ -8,16 +8,16 @@
- set_fact: - set_fact:
docker_image: registry.webhosting.rug.nl/hpc/openstack-cinder-controller:latest docker_image: registry.webhosting.rug.nl/hpc/openstack-cinder-controller:latest
env_vars: > env_vars: >
-e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}" -e "MY_IP={{ ansible_default_ipv4.address }}"
-e "CINDER_HOST={{ listen_ip | default(hostvars[groups['cinder-controller'][0]]['ansible_default_ipv4']['address']) }}" -e "CINDER_HOST={{ hostvars[groups['cinder-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "CINDER_PASSWORD={{ secrets['CINDER_PASSWORD'] }}" -e "CINDER_PASSWORD={{ secrets['CINDER_PASSWORD'] }}"
-e "CINDER_USER=cinder" -e "CINDER_USER=cinder"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}" -e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}" -e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}" -e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}" -e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}" -e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}" -e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack" -e "RABBIT_USER=openstack"
@ -43,9 +43,6 @@
owner: root owner: root
group: root group: root
- name: start service at boot.
command: systemctl reenable cinder-controller.service
- command: systemctl daemon-reload - command: systemctl daemon-reload
- name: Initialize database. - name: Initialize database.

19
roles/cinder-storage/tasks/main.yml
View File

@ -4,24 +4,22 @@
include_vars: include_vars:
file: ../../secrets.yml file: ../../secrets.yml
name: secrets name: secrets
tags: vars
- set_fact: - set_fact:
docker_image: registry.webhosting.rug.nl/hpc/openstack-cinder-storage:latest docker_image: registry.webhosting.rug.nl/hpc/openstack-cinder-storage:latest
env_vars: > env_vars: >
-e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}" -e "MY_IP={{ ansible_default_ipv4.address }}"
-e "CINDER_HOST={{ listen_ip | default(hostvars[groups['cinder-storage'][0]]['ansible_default_ipv4']['address']) }}" -e "CINDER_HOST={{ hostvars[groups['cinder-storage'][0]]['ansible_default_ipv4']['address'] }}"
-e "CINDER_PASSWORD={{ secrets['CINDER_PASSWORD'] }}" -e "CINDER_PASSWORD={{ secrets['CINDER_PASSWORD'] }}"
-e "CINDER_USER=cinder" -e "CINDER_USER=cinder"
-e "GLANCE_HOST={{ listen_ip | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}" -e "GLANCE_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}" -e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}" -e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}" -e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}" -e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}" -e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack" -e "RABBIT_USER=openstack"
tags: vars
- name: pull docker image - name: pull docker image
docker_image: docker_image:
@ -54,13 +52,8 @@
mode: 644 mode: 644
owner: root owner: root
group: root group: root
tags: systemd
- command: systemctl daemon-reload - command: systemctl daemon-reload
tags: systemd
- name: start service at boot.
command: systemctl reenable cinder-storage.service
- name: make sure service is started - name: make sure service is started
systemd: systemd:

8
roles/cinder-storage/templates/cinder-storage.service
View File

@ -1,5 +1,5 @@
[Unit] [Unit]
Description=Openstack Cinder Storage container Description=Openstack Glance Container
After=docker.service After=docker.service
Requires=docker.service Requires=docker.service
@ -11,13 +11,9 @@ ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \ ExecStart=/usr/bin/docker run --name %n \
--privileged \ --privileged \
{{ env_vars | replace('\n', '') }} \ {{ env_vars | replace('\n', '') }} \
-v "/dev/cinder-volumes/":/dev/cinder-volumes \
-v /srv/cinder-storage/root:/root \ -v /srv/cinder-storage/root:/root \
-v "{{ storage_volume }}":/dev/cinder_storage_volume \ -v "{{ storage_volume }}":/dev/cinder_storage_volume \
-v "/dev/lvm":/dev/lvm \ -p 8776:8776 \
-v "/srv/cinder-storage/volumes/:/var/lib/cinder/volumes/" \
-p 8777:8776 \
-p 3260:3260 \
{{ docker_image }} {{ docker_image }}
[Install] [Install]

5
roles/common/tasks/docker.yml
View File

@ -13,8 +13,3 @@
with_items: with_items:
- docker-engine - docker-engine
- python-docker - python-docker
- name: make sure service is started
systemd:
name: docker.service
state: started

5
roles/dockerregistry/tasks/main.yml
View File

@ -7,18 +7,13 @@
mode: 644 mode: 644
owner: root owner: root
group: root group: root
- name: install service file - name: install service file
command: systemctl daemon-reload command: systemctl daemon-reload
- name: make sure service is started - name: make sure service is started
systemd: systemd:
name: dockerregistry.service name: dockerregistry.service
state: started state: started
- name: start service at boot.
command: systemctl reenable dockerregistry.service
- name: Copy certificates and passwd file - name: Copy certificates and passwd file
copy: copy:
src: "{{ item }}" src: "{{ item }}"

16
roles/glance-controller/tasks/main.yml
View File

@ -8,15 +8,15 @@
- set_fact: - set_fact:
docker_image: registry.webhosting.rug.nl/hpc/openstack-glance:latest docker_image: registry.webhosting.rug.nl/hpc/openstack-glance:latest
env_vars: > env_vars: >
-e "GLANCE_HOST={{ listen_ip | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}" -e "GLANCE_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "GLANCE_PASSWORD={{ secrets['GLANCE_PASSWORD'] }}" -e "GLANCE_PASSWORD={{ secrets['GLANCE_PASSWORD'] }}"
-e "GLANCE_USER=glance" -e "GLANCE_USER=glance"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}" -e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}" -e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}" -e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}" -e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}" -e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}" -e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack" -e "RABBIT_USER=openstack"
@ -42,18 +42,14 @@
owner: root owner: root
group: root group: root
- name: start service at boot.
command: systemctl reenable glance.service
- command: systemctl daemon-reload - command: systemctl daemon-reload
- name: Initialize database. - name: Initialize database.
command: > command: >
/usr/bin/docker run --rm /usr/bin/docker run --rm
{{ env_vars }} {{ env_vars }}
--add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \ --add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
-v /srv/glance/root:/root \ -v /srv/glance/root:/root \
-v /var/lib/glance/images:/var/lib/glance/images \
{{ docker_image }} /etc/bootstrap.sh {{ docker_image }} /etc/bootstrap.sh
tags: bootstrap tags: bootstrap

1
roles/glance-controller/templates/glance.service
View File

@ -11,7 +11,6 @@ ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \ ExecStart=/usr/bin/docker run --name %n \
{{ env_vars | replace('\n', '') }} \ {{ env_vars | replace('\n', '') }} \
-v /srv/glance/root:/root \ -v /srv/glance/root:/root \
-v /var/lib/glance/images:/var/lib/glance/images \
-p 9292:9292 \ -p 9292:9292 \
{{ docker_image }} {{ docker_image }}

62
roles/heat/tasks/main.yml
View File

@ -1,62 +0,0 @@
# Build and install a docker image for heat.
---
- name: include secrets
include_vars:
file: ../../secrets.yml
name: secrets
- set_fact:
docker_image: registry.webhosting.rug.nl/hpc/openstack-heat:latest
env_vars: >
-e "HEAT_HOST={{ listen_ip | default(hostvars[groups['heat'][0]]['ansible_default_ipv4']['address']) }}"
-e "HEAT_PASSWORD={{ secrets['HEAT_PASSWORD'] }}"
-e "HEAT_USER=heat"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack"
- name: pull docker image
docker_image:
name: "{{ docker_image }}"
tags: pull
- name: Make build and persistent directories
file:
path: "{{ item }}"
state: directory
mode: 0777
with_items:
- /srv/heat
- /srv/heat/root
- name: install service file.
template:
src: templates/heat.service
dest: /etc/systemd/system/heat.service
mode: 644
owner: root
group: root
- name: start service at boot.
command: systemctl reenable heat.service
- command: systemctl daemon-reload
- name: Initialize database.
command: >
/usr/bin/docker run --rm
{{ env_vars }}
--add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
-v /srv/heat/root:/root \
{{ docker_image }} /etc/bootstrap.sh
tags: bootstrap
- name: make sure service is started
systemd:
name: heat.service
state: restarted

19
roles/heat/templates/heat.service
View File

@ -1,19 +0,0 @@
[Unit]
Description=Openstack heat Container
After=docker.service
Requires=docker.service
[Service]
TimeoutStartSec=0
Restart=always
ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \
{{ env_vars | replace('\n', '') }} \
-v /srv/heat/root:/root \
-p 8000:8000 \
-p 8004:8004 \
{{ docker_image }}
[Install]
WantedBy=multi-user.target

3
roles/horizon/tasks/main.yml
View File

@ -19,9 +19,6 @@
- command: systemctl daemon-reload - command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable horizon.service
- name: make sure service is started - name: make sure service is started
systemd: systemd:
name: horizon.service name: horizon.service

8
roles/horizon/templates/horizon.service
View File

@ -1,5 +1,5 @@
[Unit] [Unit]
Description=Openstack Horizon Container Description=Openstack Glance Container
After=docker.service After=docker.service
Requires=docker.service Requires=docker.service
@ -9,9 +9,9 @@ Restart=always
ExecStartPre=-/usr/bin/docker kill %n ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \ ExecStart=/usr/bin/docker run --name %n \
-e "MEMCACHED_SERVER={{ hostvars[groups['memcached'][0]]['listen_ip'] | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}" \ -e "MEMCACHED_SERVER={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}" \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" \ -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \ --add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
-p 80:80 \ -p 80:80 \
{{ docker_image }} {{ docker_image }}

51
roles/keystone/tasks/main.yml
View File

@ -36,14 +36,11 @@
- name: install service file - name: install service file
command: systemctl daemon-reload command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable keystone.service
- name: Initialize db - name: Initialize db
script: scripts/initialize_db.sh script: scripts/initialize_db.sh
environment: environment:
MYSQL_ROOT_PASSWORD: "{{ secrets['MYSQL_ROOT_PASSWORD'] }}" MYSQL_ROOT_PASSWORD: "{{ secrets['MYSQL_ROOT_PASSWORD'] }}"
DB_HOST: "{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}" DB_HOST: "{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
register: result register: result
until: result|succeeded until: result|succeeded
# sometimes the initial connect fails. # sometimes the initial connect fails.
@ -52,12 +49,12 @@
delay: 3 delay: 3
ignore_errors: yes ignore_errors: yes
- name: keystone manage commands to setup db_sync - name: keystone manage commands to setup db
command: > command: >
/usr/bin/docker run --rm /usr/bin/docker run --rm
--add-host=mariadb:{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
-v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys -v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
{{ docker_image }} keystone-manage {{ item }} {{ docker_image }} keystone-manage {{ item }}
with_items: with_items:
- db_sync - db_sync
@ -65,15 +62,10 @@
- credential_setup --keystone-user keystone --keystone-group keystone - credential_setup --keystone-user keystone --keystone-group keystone
- > - >
bootstrap --bootstrap-password {{ secrets['OS_PASSWORD'] }} bootstrap --bootstrap-password {{ secrets['OS_PASSWORD'] }}
--bootstrap-admin-url http://{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}:35357/v3/ --bootstrap-admin-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
--bootstrap-internal-url http://{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}:35357/v3/ --bootstrap-internal-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:35357/v3/
--bootstrap-public-url http://{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}:5000/v3/ --bootstrap-public-url http://{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}:5000/v3/
--bootstrap-region-id RegionOne --bootstrap-region-id RegionOne
# sometimes the initial connect fails.
# Retry until it succeeds.
retries: 7
delay: 3
ignore_errors: yes
- name: make sure service is started - name: make sure service is started
systemd: systemd:
@ -83,35 +75,10 @@
- name: Create a domain, projects users and roles - name: Create a domain, projects users and roles
command: > command: >
/usr/bin/docker run --rm /usr/bin/docker run --rm
--add-host=mariadb:{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
-v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys -v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys
-v /srv/keystone/root:/root -v /srv/keystone/root:/root
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "OS_AUTH_URL=http://${KEYSTONE_HOST}:35357/v3" -e "OS_AUTH_URL=http://${KEYSTONE_HOST}:35357/v3"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}" -e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
{{ docker_image }} bash /etc/bootstrap.sh {{ docker_image }} bash /etc/bootstrap.sh
register: result
retries: 7
delay: 3
- name: install openstack repo host key.
command: apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5EDB1B62EC4926EA
tags: openstackclient
- name: install openstack repo on host.
apt_repository:
repo: "deb http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/ocata main"
filename: ocata
tags: openstackclient
- name: install openstack client for management
apt:
name: python-openstackclient
state: latest
update_cache: yes
tags: openstackclient
- name: source admin-openrc.sh in root .bashrc
lineinfile:
path: /root/.bashrc
line: 'source /srv/keystone/root/admin-openrc.sh'

4
roles/keystone/templates/keystone.service
View File

@ -9,8 +9,8 @@ Restart=always
ExecStartPre=-/usr/bin/docker kill %n ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \ ExecStart=/usr/bin/docker run --name %n \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \ --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" \ -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
-p 5000:5000 -p 35357:35357 \ -p 5000:5000 -p 35357:35357 \
-v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys \ -v /srv/keystone/fernet-keys:/etc/keystone/fernet-keys \
-v /srv/keystone/root:/root \ -v /srv/keystone/root:/root \

20
roles/mariadb/files/galera.cnf
View File

@ -1,20 +0,0 @@
[mysqld]
binlog_format=ROW
default-storage-engine=innodb
innodb_autoinc_lock_mode=2
bind-address=0.0.0.0
# Galera Provider Configuration
wsrep_on=ON
wsrep_provider=/usr/lib/galera/libgalera_smm.so
# Galera Cluster Configuration
wsrep_cluster_name="test_cluster"
wsrep_cluster_address="gcomm://{{ ip_node0 }},{{ ip_node1 }},{{ ip_node2 }}"
# Galera Synchronization Configuration
wsrep_sst_method=rsync
# Galera Node Configuration
wsrep_node_address="{{ listen_ip | default(ansible_default_ipv4.address) }}"
wsrep_node_name="{{ ansible_nodename }}"

56
roles/mariadb/tasks/main.yml
View File

@ -5,6 +5,14 @@
file: ../../secrets.yml file: ../../secrets.yml
name: secrets name: secrets
- name: install service file.
template:
src: templates/mysql.service
dest: /etc/systemd/system/mysql.service
mode: 644
owner: root
group: root
- name: make mariadb settings volume - name: make mariadb settings volume
file: file:
path: "{{ item }}" path: "{{ item }}"
@ -13,60 +21,16 @@
with_items: with_items:
- /srv/mariadb/lib/mysql - /srv/mariadb/lib/mysql
- /srv/mariadb/etc/mysql - /srv/mariadb/etc/mysql
- /srv/mariadb/etc/mysql/conf.d
- name: place settings file - name: place settings file
copy: copy:
src: files/my.cnf src: files/my.cnf
dest: /srv/mariadb/etc/mysql/conf.d/my.cnf dest: /srv/mariadb/etc/mysql
mode: 660 mode: 660
- name: Set galara.cnf on node if we have at least three nodes. - command: systemctl daemon-reload
template:
src: files/galera.cnf
dest: /srv/mariadb/etc/mysql/conf.d/galera.cnf
mode: 660
when: groups['databases'] | length >= 3
# This mimics galera_new_cluster.sh
- name: Initialize a new cluster.
block:
- set_fact:
mariadb_args: "--wsrep-new-cluster"
- template:
src: templates/mysql.service
dest: /etc/systemd/system/mysql.service
mode: 644
owner: root
group: root
- command: systemctl daemon-reload
- systemd:
name: mysql.service
state: started
when: groups['databases'] | length >= 3 and ansible_hostname == hostname_node0
- name: install service file.
block:
- set_fact:
mariadb_args: ""
- template:
src: templates/mysql.service
dest: /etc/systemd/system/mysql.service
mode: 644
owner: root
group: root
- name: Give the master node some time to initialize the cluster.
command: bash -c "sleep 60 && systemctl daemon-reload"
- name: make sure service is started - name: make sure service is started
systemd: systemd:
name: mysql.service name: mysql.service
state: started state: started
- name: start service at boot.
command: systemctl reenable mysql.service

7
roles/mariadb/templates/mysql.service
View File

@ -9,11 +9,10 @@ Restart=always
ExecStartPre=-/usr/bin/docker kill %n || /bin/true ExecStartPre=-/usr/bin/docker kill %n || /bin/true
ExecStartPre=-/usr/bin/docker rm %n ExecStartPre=-/usr/bin/docker rm %n
ExecStartPre=/usr/bin/docker pull mariadb:10.2 ExecStartPre=/usr/bin/docker pull mariadb:10.2
ExecStart=/usr/bin/docker run --name %n \ ExecStart=/usr/bin/docker run -p 3306:3306 --name %n \
--network host \
-v /srv/mariadb/lib/mysql:/var/lib/mysql \ -v /srv/mariadb/lib/mysql:/var/lib/mysql \
-v /srv/mariadb/etc/mysql/conf.d:/etc/mysql/conf.d \ -v /srv/mariadb/etc/mysql:/etc/mysql \
-e MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }} mariadb:10.2 {{ mariadb_args }} -e MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }} mariadb:10.2
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

5
roles/memcached/tasks/main.yml
View File

@ -7,13 +7,8 @@
mode: 644 mode: 644
owner: root owner: root
group: root group: root
- name: install service file - name: install service file
command: systemctl daemon-reload command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable memcached.service
- name: make sure service is started - name: make sure service is started
systemd: systemd:
name: memcached.service name: memcached.service

19
roles/neutron-controller/tasks/main.yml
View File

@ -16,21 +16,21 @@
- set_fact: - set_fact:
env_vars: > env_vars: >
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}" -e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
-e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}" -e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}"
-e "MY_IP={{ listen_ip | default(hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address']) }}" -e "MY_IP={{ hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}" -e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}" -e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}" -e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}"
-e "NEUTRON_USER=neutron" -e "NEUTRON_USER=neutron"
-e "NOVA_USER=nova" -e "NOVA_USER=nova"
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}" -e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}"
-e "NOVA_CONTROLLER_HOST={{ listen_ip | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }}" -e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}" -e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}"
-e "NOVA_PLACEMENT_USER=placement" -e "NOVA_PLACEMENT_USER=placement"
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}" -e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-e "PHYSICAL_INTERFACE_MAPPINGS={{ physical_interface_mappings }}" -e "PROVIDER_INTERFACE_NAME={{ provider_interface_name }}"
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}" -e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-e "RABBIT_USER=openstack" -e "RABBIT_USER=openstack"
tags: env tags: env
@ -45,15 +45,12 @@
- command: systemctl daemon-reload - command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable neutron-controller.service
- name: Initialize neutron - name: Initialize neutron
command: > command: >
/usr/bin/docker run --rm /usr/bin/docker run --rm
{{ env_vars }} {{ env_vars }}
--add-host=mariadb:{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
--add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} --add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}
--network host --network host
{{ docker_image }} {{ docker_image }}
/etc/bootstrap.sh /etc/bootstrap.sh

6
roles/neutron-controller/templates/neutron-controller.service
View File

@ -10,9 +10,9 @@ ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \ ExecStart=/usr/bin/docker run --name %n \
{{ env_vars | replace('\n', '') }} \ {{ env_vars | replace('\n', '') }} \
--add-host=nova-controller:{{ hostvars[groups['nova-controller'][0]]['listen_ip'] | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }} \ --add-host=nova-controller:{{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \ --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \ --add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
--add-host={{ ansible_nodename }}:{{ ansible_default_ipv4.address }} \ --add-host={{ ansible_nodename }}:{{ ansible_default_ipv4.address }} \
--privileged \ --privileged \
--network host \ --network host \

12
roles/nova-compute/tasks/main.yml
View File

@ -4,11 +4,10 @@
include_vars: include_vars:
file: ../../secrets.yml file: ../../secrets.yml
name: secrets name: secrets
tags: vars
- set_fact: - set_fact:
docker_image: registry.webhosting.rug.nl/hpc/openstack-nova-compute:latest docker_image: registry.webhosting.rug.nl/hpc/openstack-nova-compute:latest
tags: vars tags: facts
- name: pull docker image - name: pull docker image
docker_image: docker_image:
@ -23,13 +22,11 @@
mode: 644 mode: 644
owner: root owner: root
group: root group: root
tags: systemd
- command: systemctl daemon-reload - command: systemctl daemon-reload
tags: systemd
- apt: - apt:
name: "{{ item }}" name: '{{ item }}'
with_items: with_items:
- kvm - kvm
- libvirt0 - libvirt0
@ -41,9 +38,6 @@
name: nova-compute.service name: nova-compute.service
state: restarted state: restarted
- name: start service at boot.
command: systemctl reenable nova-compute.service
- name: let nova controler discover new host - name: let nova controler discover new host
shell: "sleep 10 && docker exec -i nova-controller.service nova-manage cell_v2 discover_hosts" command: docker exec -i nova-controller.service nova-manage cell_v2 discover_hosts
delegate_to: "{{ hostvars[groups['nova-controller'][0]]['ansible_hostname'] }}" delegate_to: "{{ hostvars[groups['nova-controller'][0]]['ansible_hostname'] }}"

24
roles/nova-compute/templates/nova-compute.service
View File

@ -9,32 +9,30 @@ Restart=always
ExecStartPre=-/usr/bin/docker kill %n ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \ ExecStart=/usr/bin/docker run --name %n \
-e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['listen_ip'] | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}" \ -e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}" \
-e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" \ -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}" \
-e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}" \ -e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}" \
-e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['listen_ip'] | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}" \ -e "MY_IP={{ hostvars[groups['nova-compute'][0]]['ansible_default_ipv4']['address'] }}" \
-e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}" \ -e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}" \
-e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}" \
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}" \ -e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}" \
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['neutron-controller'][0]]['listen_ip'] | default(hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address']) }}" \ -e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address'] }}" \
-e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}" \ -e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}" \
-e "NEUTRON_USER=neutron" \ -e "NEUTRON_USER=neutron" \
-e "NOVA_COMPUTE_USER=nova_compute" \ -e "NOVA_COMPUTE_USER=nova_compute" \
-e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['listen_ip'] | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }}" \ -e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}" \
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}" \ -e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}" \
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}" \ -e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}" \
-e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}" \ -e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}" \
-e "NOVA_PLACEMENT_USER=placement" \ -e "NOVA_PLACEMENT_USER=placement" \
-e "NOVA_USER=nova" \ -e "NOVA_USER=nova" \
-e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}" \ -e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}" \
-e "PHYSICAL_INTERFACE_MAPPINGS={{ physical_interface_mappings }}" \ -e "PROVIDER_INTERFACE_NAME={{ provider_interface_name }}" \
-e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['listen_ip'] | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}" \ -e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address'] }}" \
-e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}" \ -e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}" \
-e "RABBIT_USER=openstack" \ -e "RABBIT_USER=openstack" \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \ --add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \ --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
--privileged \ --privileged \
-v /dev:/dev \
-v /var/run/libvirt/libvirt-sock:/var/run/libvirt/libvirt-sock \ -v /var/run/libvirt/libvirt-sock:/var/run/libvirt/libvirt-sock \
-v /var/lib/nova/instances:/var/lib/nova/instances \ -v /var/lib/nova/instances:/var/lib/nova/instances \
-v /lib/modules:/lib/modules \ -v /lib/modules:/lib/modules \

22
roles/nova-controller/tasks/main.yml
View File

@ -17,17 +17,16 @@
- set_fact: - set_fact:
docker_image: registry.webhosting.rug.nl/hpc/openstack-nova-service:latest docker_image: registry.webhosting.rug.nl/hpc/openstack-nova-service:latest
env_vars: > env_vars: >
-e "GLANCE_CONTROLLER_HOST={{ listen_ip | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}" -e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}" -e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address'] }}"
-e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}" -e "MY_IP={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}" -e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}"
-e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}" -e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['neutron-controller'][0]]['listen_ip'] | default(hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address']) }}" -e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}"
-e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}" -e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}"
-e "NEUTRON_USER=neutron" -e "NEUTRON_USER=neutron"
-e "NOVA_CONTROLLER_HOST={{ listen_ip | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }}" -e "NOVA_CONTROLLER_HOST={{ hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address'] }}"
-e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}" -e "NOVA_PASSWORD={{ secrets['NOVA_PASSWORD'] }}"
-e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}" -e "NOVA_PLACEMENT_PASSWORD={{ secrets['NOVA_PLACEMENT_PASSWORD'] }}"
-e "NOVA_PLACEMENT_USER=placement" -e "NOVA_PLACEMENT_USER=placement"
@ -53,15 +52,12 @@
- command: systemctl daemon-reload - command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable nova-controller.service
- name: Initialize database. - name: Initialize database.
command: > command: >
/usr/bin/docker run --rm /usr/bin/docker run --rm
{{ env_vars }} {{ env_vars }}
--add-host=mariadb:{{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }}
--add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} --add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }}
-v /srv/nova-controller/root:/root -v /srv/nova-controller/root:/root
{{ docker_image }} {{ docker_image }}
/etc/bootstrap.sh /etc/bootstrap.sh

5
roles/nova-controller/templates/nova-controller.service
View File

@ -10,12 +10,11 @@ ExecStartPre=-/usr/bin/docker kill %n
ExecStartPre=-/usr/bin/docker rm %n ExecStartPre=-/usr/bin/docker rm %n
ExecStart=/usr/bin/docker run --name %n \ ExecStart=/usr/bin/docker run --name %n \
{{ env_vars | replace('\n', '') }} \ {{ env_vars | replace('\n', '') }} \
--add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \ --add-host=mariadb:{{ hostvars[groups['databases'][0]]['ansible_default_ipv4']['address'] }} \
--add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \ --add-host=keystone:{{ hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address'] }} \
--privileged \ --privileged \
-v /srv/nova-controller/root:/root \ -v /srv/nova-controller/root:/root \
-p 8774:8774 \ -p 8774:8774 \
-p 8775:8775 \
-p 8778:8778 \ -p 8778:8778 \
-p 6080:6080 \ -p 6080:6080 \
{{ docker_image }} /etc/run.sh {{ docker_image }} /etc/run.sh

4
roles/rabbitmq/files/rabbitmq.service
View File

@ -11,10 +11,10 @@ ExecStartPre=-/usr/bin/docker rm %n
ExecStartPre=/usr/bin/docker pull rabbitmq:latest ExecStartPre=/usr/bin/docker pull rabbitmq:latest
ExecStart=/usr/bin/docker run \ ExecStart=/usr/bin/docker run \
{% for host in groups['rabbitmq'] %} {% for host in groups['rabbitmq'] %}
--add-host "{{ host }}:{{ hostvars[host]['listen_ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}" \ --add-host "{{ host }}:{{ hostvars[host]['ansible_default_ipv4']['address'] }}" \
{% endfor %} {% endfor %}
-p 4369:4369 -p 25679:25679 -p 25672:25672 -p 5671-5672:5671-5672 -p 8080:15672 \ -p 4369:4369 -p 25679:25679 -p 25672:25672 -p 5671-5672:5671-5672 -p 8080:15672 \
-e "RABBITMQ_DEFAULT_USER=openstack" -e "RABBITMQ_DEFAULT_PASS={{ secrets['RABBIT_PASSWORD'] }}" \ -e "RABBITMQ_DEFAULT_USER=user" -e "RABBITMQ_DEFAULT_PASS={{ secrets['RABBIT_PASSWORD'] }}" \
-e "RABBITMQ_ERLANG_COOKIE={{ secrets['RABBITMQ_ERLANG_COOKIE'] }}" \ -e "RABBITMQ_ERLANG_COOKIE={{ secrets['RABBITMQ_ERLANG_COOKIE'] }}" \
-e "RABBITMQ_NODENAME=rabbit_{{ ansible_nodename }}" \ -e "RABBITMQ_NODENAME=rabbit_{{ ansible_nodename }}" \
--hostname "{{ ansible_nodename }}" --name %n rabbitmq:3-management --hostname "{{ ansible_nodename }}" --name %n rabbitmq:3-management

15
roles/rabbitmq/tasks/main.yml
View File

@ -5,6 +5,9 @@
file: ../../secrets.yml file: ../../secrets.yml
name: secrets name: secrets
- include_vars:
dir: 'vars'
- name: install service file. - name: install service file.
template: template:
src: files/rabbitmq.service src: files/rabbitmq.service
@ -16,9 +19,6 @@
- name: install service file - name: install service file
command: systemctl daemon-reload command: systemctl daemon-reload
- name: start service at boot.
command: systemctl reenable rabbitmq.service
- name: make sure service is started - name: make sure service is started
systemd: systemd:
name: rabbitmq.service name: rabbitmq.service
@ -27,7 +27,6 @@
- name: wait for container to be started - name: wait for container to be started
wait_for: wait_for:
port: 5672 port: 5672
delay: 5
- name: setup the cluster - name: setup the cluster
command: "docker exec -i rabbitmq.service {{ item }}" command: "docker exec -i rabbitmq.service {{ item }}"
@ -37,3 +36,11 @@
- rabbitmqctl start_app - rabbitmqctl start_app
when: ansible_nodename != hostname_node0 when: ansible_nodename != hostname_node0
- name: create openstack user
command: "docker exec -i rabbitmq.service {{ item }}"
with_items:
- rabbitmqctl add_user openstack "{{ secrets['RABBIT_PASSWORD'] }}"
- rabbitmqctl set_permissions openstack ".*" ".*" ".*"
when: ansible_nodename == hostname_node0
register: command_result
failed_when: "command_result.rc not in (0, 70)"

60
secrets.yml
View File

@ -1,32 +1,30 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
32313865346461323861313234623330633830663561353636396161643566353733393931303232 62633134346438356462333363626164393762356139653666323461333037393536373631653565
3134353364393034626564333866383065633162383561390a656463303464616434303435303037 6631306631333538353534663738313062636232633339610a303161323131373739393735666463
63313232373630616136626464373464646535353030396136656361343162666165366566383737 65353135626430353737373239623361306137326334333761626235353463393465383830666666
6133326539393432390a386162393639636137326532393939633665326637373461663766656565 6138616530346563310a306263316331346263356139383435316239346230313266636363313564
36636661653939373134313165383261353832373362613533366431626330313831643836363932 36633130393062373936363765636361343939313639326237633337353665666338633338343837
38623937663335646134323130636539333335636265313564323032623065393031343235633832 34613534333063303537323738396436333964613362636664366264313334663365336132623464
33336138653336633932383133366566656464356331306265663662356166613135663234326434 64656131373261376466356638636338643135393139386534626132323262393064626666323462
64343765366439303766613062363830346238376435366138323662366463353634623937376663 64323664373262356632393465653932303939313338656665336639613966626234636666373163
39313263613764623533323562333932656564346462333961663538353366313065343263383431 35633231666338643863623737396435626364333365656536613130666435323837323136663339
39643734353632336134663965343062373933656461393264323938303261316563313962343837 61363936336434656530313538643463663737613831646265313731363734356635356438353062
66623562333031646633643734383439386130653033343962633930613031313433633033383561 34323063346265393737343834343065616139656234666230323131366138396265393737666236
65366230663263346661343339636537336332323266623230646534323563373934356332663136 39353766643239323339623534393962666432656331323462656439306365613539366230643133
30626231623534616562323033333437353239306538653835623931363164383536336562336136 36316138303361313134336431343137343433383430616137376563383233303432383664333930
30666265366536313436646535383632626137613831633132666666653830383566323532306332 61613531313638303531643232343066376565663032326533313461363839383664366338356439
34353534336331653330663137323936303337306134333036633932363664643864333534316438 37363233666663653736376538386536653262653633323065363830623032363063393635653762
31623062303137376637353061643838383831663561663436663130663064323665316261316531 32636365656362323362303962306538336234626533323830656230386432666461343063663832
32616533333165636130623334373130316339326538343330646366383933353137623631323530 62373133343933353563653762333836333862376232353339313662363865616439623635393839
39653437343432383161323661643931346664663265326664336461373033646563666333353661 37346433346264633036343761613230396434366132653261643137386466326235613030306235
61633865373764346131623131346266373331626336663735303439376230333537386562303939 34333065623232303939623233373762393939653639333734336336303762326662386530356563
65363139346564653464663633326639323930333464376136353064393039373535613231623138 65303165623564303635356337353662363433626466653939323438633938386166386262623435
61373434323065646238356436373730333939613965666237616265653033333230353466316266 64376431396631623034386434393431616631363663393835343035313639663538643565616330
30383939376335656632626232663061623332636337646234653565363561353334643462376666 65353365303131326335646164333231306564383936396139643935646331393235326666336230
30326438303333336265306463313137656334313235643434616238333564373761333235633639 38326165663865343966356335326438303133663239656235313935626332323332376665343132
66346161316130633463623435646639366136386335386139613230653064663230366265633036 62336139643262333938303537313533623535333736643163373137343035393034613939663061
33613132633035393337653436613031383765616638323663363866393165613030306637393134 36323063643734343865333138356434643266663436653435353132386330636238343637653434
38333734373939626364343533306662393463646264666161346434363832623239643864303431 65616361333263336332643262623034343439383737366663373166643433653466313237613930
39383931333139633338663761646335613935636239636439383333313531633364653439323036 32373162646461323266353662326134343839613264313339306430366165633838663831666565
35373639363164386666366335313934336231333261623763633133393562656237313761356631 65333337623962313561306333616232393334353934316565666331336561633934623339353138
39663234653339313466326534333435306662316461333035623339353435383137383735373733 62656339386530333036383831613762353234643461656436623033613930353531
32373535303338646266346539386364356233616631316661633037346665353762353138376538
386535333439313233663464353534376535

2
secrets.yml.topol
View File

@ -9,5 +9,3 @@ OS_PASSWORD: # Keystone admin password
OS_DEMO_PASSWORD: # Keystone demo user password OS_DEMO_PASSWORD: # Keystone demo user password
RABBIT_PASSWORD: RABBIT_PASSWORD:
RABBITMQ_ERLANG_COOKIE: RABBITMQ_ERLANG_COOKIE:
CINDER_PASSWORD:
HEAT_PASSWORD:

1
site.yml
View File

@ -11,5 +11,4 @@
- include: cinder-storage.yml - include: cinder-storage.yml
- include: nova-compute.yml - include: nova-compute.yml
- include: horizon.yml - include: horizon.yml
- include: heat.yml
- include: post-install.yml - include: post-install.yml

42
test_hosts
View File

@ -1,48 +1,28 @@
[databases] [databases]
openstack-test05 ansible-test-2
openstack-test06
openstack-test07
[keystone] [keystone]
openstack-test05 ansible-test-3
[glance-controller] [glance-controller]
openstack-test05 ansible-test-2
[horizon] [horizon]
openstack-test05 ansible-test-3
[rabbitmq] [rabbitmq]
openstack-test05 ansible-test
openstack-test06 ansible-test-2
openstack-test07 ansible-test-3
[memcached] [memcached]
openstack-test05 ansible-test-3
[neutron-controller] [neutron-controller]
openstack-test05 physical_interface_mappings=provider:enp4s0f0 ansible-test provider_interface_name=ens10
[nova-controller] [nova-controller]
openstack-test05 ansible-test
[cinder-controller]
openstack-test05
[heat]
openstack-test05
[cinder-storage]
openstack-test05 storage_volume=/dev/openstack-test05-vg/cinder
openstack-test06 storage_volume=/dev/openstack-test06-vg/cinder
openstack-test07 storage_volume=/dev/openstack-test07-vg/cinder
openstack-test08 storage_volume=/dev/openstack-test08-vg/cinder
openstack-test09 storage_volume=/dev/openstack-test09-vg/cinder
openstack-test10 storage_volume=/dev/openstack-test10-vg/cinder
[nova-compute] [nova-compute]
openstack-test06 physical_interface_mappings=provider:enp4s0f0 ansible-test-2 provider_interface_name=ens10
openstack-test07 physical_interface_mappings=provider:enp4s0f0
openstack-test08 physical_interface_mappings=provider:enp4s0f0
openstack-test09 physical_interface_mappings=provider:enp4s0f0
openstack-test10 physical_interface_mappings=provider:enp4s0f0