Added openstack01 with /dev mounted in cinder container.

is referenced in volume name.

ansible.cfg

@@ -1,2 +1,6 @@
 [defaults]
-inventory = merlin
+inventory = hosts
+stdout_callback = debug
+vault_password_file = .vault_pass.txt
+forks = 20
+host_key_checking = false

cinder-controller.yml

@@ -1,7 +1,13 @@
 ---
 - hosts: all
   name: Dummy to gather facts
-  tasks: []
+  tasks:
+    - name: gather facts even if hosts are excluded.
+      setup:
+      delegate_to: "{{item}}"
+      delegate_facts: True
+      loop: "{{groups['all']}}"
+
 
 - hosts: cinder-controller
   become: True

common.yml

@@ -1,5 +1,11 @@
 ---
 - hosts: all
   become: True
+  vars_prompt:
+    - name: "docker_user"
+      prompt: "What is your p number?"
+    - name: "docker_pass"
+      prompt: "What is your password?"
+      private: yes
   roles:
       - common

gcc-site.yml

@@ -1,14 +1,14 @@
 ---
-- include: common.yml
+- import_tasks: common.yml
-- include: rabbitmq.yml
+- import_tasks: rabbitmq.yml
-- include: memcached.yml
+- import_tasks: memcached.yml
-- include: mariadb.yml
+- import_tasks: mariadb.yml
-- include: keystone.yml
+- import_tasks: keystone.yml
-- include: glance-controller.yml
+- import_tasks: glance-controller.yml
-- include: nova-controller.yml
+- import_tasks: nova-controller.yml
-- include: neutron-controller.yml
+- import_tasks: neutron-controller.yml
-- include: cinder-controller.yml
+- import_tasks: cinder-controller.yml
-- include: cinder-storage.yml
+- import_tasks: cinder-storage.yml
-- include: nova-compute.yml
+- import_tasks: nova-compute.yml
-- include: horizon.yml
+- import_tasks: horizon.yml
-- include: gcc-post-install.yml
+- import_tasks: gcc-post-install.yml

group_vars/horizon.yml

@@ -0,0 +1,2 @@
+---
+security_fail2ban_enabled: false

horizon.yml

@@ -6,4 +6,5 @@
 - hosts: horizon
   become: True
   roles:
+     - geerlingguy.security
      - horizon

host_vars/openstack03

@@ -0,0 +1,2 @@
+---
+listen_ip: '172.23.40.243'

host_vars/openstack04

@@ -0,0 +1,2 @@
+---
+listen_ip: '172.23.40.253'

openstack03

@@ -26,10 +26,14 @@ openstack03
 openstack03
 
 [cinder-storage]
+openstack01 storage_volume=/dev/sdc3
+openstack02 storage_volume=/dev/sda5
 openstack03 storage_volume=/dev/sdb1
+openstack04 storage_volume=/dev/sdb1
 
 [nova-compute]
+openstack01 physical_interface_mappings=provider:bond0
+openstack02 physical_interface_mappings=provider:enp34s0f1
 openstack03 physical_interface_mappings=provider:enp4s0f0
+openstack04 physical_interface_mappings=provider:eno1
 
-[all:vars]
-listen_ip=172.23.40.243

roles/cinder-storage/tasks/main.yml

@@ -20,7 +20,9 @@
         -e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
         -e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}"
         -e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
+        -e "AVAILABILITY_ZONE={{ ansible_nodename }}"
         -e "RABBIT_USER=openstack"
+        -e "CINDER_STORAGE_VOLUME={{ storage_volume }}"
   tags: vars
 
 - name: pull docker image
@@ -43,7 +45,7 @@
              --privileged
              {{ env_vars }}
              -v /srv/cinder-storage/root:/root \
-             -v "{{ storage_volume }}":/dev/cinder_storage_volume \
+             -v /dev:/dev \
              {{ docker_image }} /etc/bootstrap.sh
   tags: bootstrap
 

roles/cinder-storage/templates/cinder-storage.service

@@ -11,13 +11,10 @@ ExecStartPre=-/usr/bin/docker rm %n
 ExecStart=/usr/bin/docker run --name %n \
   --privileged \
   {{ env_vars | replace('\n', '') }} \
-  -v "/dev/cinder-volumes/":/dev/cinder-volumes \
   -v /srv/cinder-storage/root:/root \
-  -v "{{ storage_volume }}":/dev/cinder_storage_volume \
+  -v "/dev":/dev \
-  -v "/dev/lvm":/dev/lvm \
+  -v "/var/lib/cinder:/var/lib/cinder" \
-  -v "/srv/cinder-storage/volumes/:/var/lib/cinder/volumes/" \
+  --network=host \
-  -p 8777:8776 \
-  -p 3260:3260 \
   {{ docker_image }}
 
 [Install]

roles/common/tasks/main.yml

@@ -5,7 +5,7 @@
 - name: Passwordless sudo for admins
   lineinfile: dest=/etc/sudoers line="%admin  ALL=(ALL:ALL) NOPASSWD:ALL"
 
-- include: users.yml
+- import_tasks: users.yml
 
 - name: common | install packages
   apt: pkg={{ item }} state=latest update_cache=yes
@@ -26,4 +26,11 @@
     owner: root
     group: root
 
-- include: docker.yml
+    #- import_tasks: docker.yml
+
+
+- name: Log into DockerHub
+  docker_login:
+    registry: registry.webhosting.rug.nl
+    username: "{{ docker_user }}"
+    password: "{{ docker_pass }}"

roles/keystone/templates/admin-openrc.sh

@@ -1,3 +1,5 @@
+export OS_PROJECT_DOMAIN_NAME=Default
+export OS_USER_DOMAIN_NAME=Default
 export OS_TENANT_NAME=admin
 export OS_USERNAME=admin
 export OS_PASSWORD={{ hostvars[groups['keystone'][0]]['OS_PASSWORD'] }}

roles/mariadb/tasks/main.yml

@@ -21,12 +21,14 @@
     dest: /srv/mariadb/etc/mysql/conf.d/my.cnf
     mode: 660
 
-- name: Set galara.cnf on node if we have at least three nodes.
+- name: >
+        Set galara.cnf on node if we have at least three nodes.
+        And we're part of the cluster.
   template:
     src: files/galera.cnf
     dest: /srv/mariadb/etc/mysql/conf.d/galera.cnf
     mode: 660
-  when: groups['databases'] | length >= 3
+  when: "'databases' in group_names and groups['databases'] | length >= 3"
 
   # This mimics galera_new_cluster.sh
 - name: Initialize a new cluster.
@@ -47,7 +49,8 @@
         name: mysql.service
         state: started
 
-  when: groups['databases'] | length >= 3 and ansible_hostname == hostname_node0
+  when: "'databases' in group_names and groups['databases'] \
+         | length >= 3 and ansible_hostname == hostname_node0"
 
 - name: install service file.
   block:
@@ -61,12 +64,22 @@
         group: root
 
 - name: Give the master node some time to initialize the cluster.
-  command: bash -c "sleep 60 && systemctl daemon-reload"
+  command: bash -c "sleep 60"
+  when: "'databases' in group_names and groups['databases'] \
+         | length >= 3"
+
+- name: Daemon reload (the implicit doesn't work)
+  command: bash -c "systemctl daemon-reload"
 
 - name: make sure service is started
   systemd:
     name: mysql.service
     state: started
+    daemon_reload: yes
 
 - name: start service at boot.
   command: systemctl reenable mysql.service
+
+- name: Give the cluster some time to initialize replication.
+  command: bash -c "sleep 60 && systemctl daemon-reload"
+  when: "'databases' in group_names and groups['databases'] | length >= 3"

roles/nova-compute/templates/nova-compute.service

@@ -31,6 +31,7 @@ ExecStart=/usr/bin/docker run --name %n \
     -e "RABBIT_HOST={{ hostvars[groups['rabbitmq'][0]]['listen_ip'] | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}" \
     -e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}" \
     -e "RABBIT_USER=openstack" \
+    -e "AVAILABILITY_ZONE={{ ansible_nodename }}" \
     --add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
     --add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \
     --privileged \

site.yml

@@ -1,15 +1,15 @@
 ---
-- include: common.yml
+- import_playbook: common.yml
-- include: rabbitmq.yml
+- import_playbook: rabbitmq.yml
-- include: memcached.yml
+- import_playbook: memcached.yml
-- include: mariadb.yml
+- import_playbook: mariadb.yml
-- include: keystone.yml
+- import_playbook: keystone.yml
-- include: glance-controller.yml
+- import_playbook: glance-controller.yml
-- include: nova-controller.yml
+- import_playbook: nova-controller.yml
-- include: neutron-controller.yml
+- import_playbook: neutron-controller.yml
-- include: cinder-controller.yml
+- import_playbook: cinder-controller.yml
-- include: cinder-storage.yml
+- import_playbook: cinder-storage.yml
-- include: nova-compute.yml
+- import_playbook: nova-compute.yml
-- include: horizon.yml
+- import_playbook: horizon.yml
-- include: heat.yml
+- import_playbook: heat.yml
-- include: post-install.yml
+- import_playbook: post-install.yml