87514a5705
Add ssl keystone endpoints Add ssl keystone endpoints use fqdn for keystone everywhere. I added certs for horizon. Also increased yield of nuke.yml
# Build and install a docker image for cinder.
---
# Load ../../secrets.yml into a single dictionary variable called `secrets`;
# the tasks in this file read passwords from it as secrets['...'].
# NOTE(review): the file is referenced by a relative path inside the source
# tree - confirm it is Ansible Vault-encrypted or excluded from version control.
- name: include secrets
  tags:
    - vars
  include_vars:
    name: secrets
    file: ../../secrets.yml
#- command: uuidgen
#  register: uuid
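# Define two facts used by the tasks in this file: the image reference and the
# `docker run -e ...` argument string handed to the container.
- set_fact:
    # NOTE(review): `:latest` is a mutable tag, so every pull may deliver
    # different content; pinning a fixed tag or an image digest keeps the
    # deployed image reviewable and reproducible.
    docker_image: registry.webhosting.rug.nl/hpc/openstack-cinder-storage-merlin:latest
    # Folded scalar: the lines below are joined with single spaces into one
    # argument string. Host addresses use `listen_ip` when it is defined and
    # otherwise the default IPv4 address of the first host in the named group.
    # NOTE(review): KEYSTONE_HOST falls back to an IP address when
    # keystone_external_fqdn is unset; confirm TLS name verification against
    # the keystone endpoint still succeeds in that case.
    # NOTE(review): the container is also given MYSQL_ROOT_PASSWORD and
    # OS_PASSWORD; confirm the bootstrap needs those rather than credentials
    # scoped to cinder only.
    env_vars: >
      -e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}"
      -e "CINDER_HOST={{ listen_ip | default(hostvars[groups['cinder-storage'][0]]['ansible_default_ipv4']['address']) }}"
      -e "CINDER_PASSWORD={{ secrets['CINDER_PASSWORD'] }}"
      -e "CINDER_USER=cinder"
      -e "GLANCE_HOST={{ listen_ip | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}"
      -e "KEYSTONE_HOST={{ keystone_external_fqdn | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
      -e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
      -e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
      -e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
      -e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}"
      -e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
      -e "RABBIT_USER=openstack"
      -e "USE_CEPH={{ use_ceph }}"
      -e "MON_INITIAL_MEMBERS={{ ceph_mon_initial_members }}"
      -e "MON_HOST={{ ceph_mon_host }}"
      -e "PUBLIC_NETWORK={{ ceph_public_network }}"
      -e "OSD_POOL_DEFAULT_SIZE={{ ceph_osd_pool_default_size }}"
      -e "RBD_SECRET_UUID={{ secrets['CINDER_RBD_SECRET_UUID'] }}"
  # The rendered env_vars string contains service passwords, so keep the fact
  # out of task output and logs.
  no_log: true
  tags: vars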
# Fetch the image named by the `docker_image` fact. The module and the
# variable share a name; the quoted Jinja expression refers to the variable.
- name: pull docker image
  tags:
    - pull
  docker_image:
    name: '{{ docker_image }}'
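# Create the host directories used for the container's persistent state.
- name: Make build and persistent directories
  file:
    path: "{{ item }}"
    state: directory
    # Was 0777. These paths receive the ceph client configuration and keyring
    # and one of them is mounted as /root in a privileged container, so they
    # must not be writable by every local account. If the service inside the
    # container runs as a non-root account, grant access with owner/group
    # instead of world-write. Quoted so the value does not depend on how the
    # YAML parser treats a leading zero.
    mode: "0755"
  with_items:
    - /srv/cinder-storage
    - /srv/cinder-storage/root
    - /srv/cinder-storage/etc/ceph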
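# Run /etc/bootstrap.sh once in a throw-away (--rm) container, with the
# environment from `env_vars` and the host directory
# /srv/cinder-storage/root mounted as /root.
# The folded scalar already joins its lines with spaces, so the trailing
# backslash the original carried after the -v argument is dropped.
# NOTE(review): --privileged removes most container isolation; confirm the
# bootstrap needs it, or replace it with the specific --cap-add / --device
# options it actually requires.
# NOTE(review): the passwords in env_vars still sit on the docker command line
# while this runs; passing them through a root-only file with --env-file
# would keep them out of the host's process listing.
- name: initial setup
  command: >
    /usr/bin/docker run --rm
    --privileged
    {{ env_vars }}
    -v /srv/cinder-storage/root:/root
    {{ docker_image }} /etc/bootstrap.sh
  # The expanded command line contains service passwords; keep it out of task
  # output and logs.
  no_log: true
  tags: bootstrap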
# Install the role's ceph.conf into the ceph directory kept under
# /srv/cinder-storage.
# The unquoted 0644 depends on the parser reading a leading zero as octal;
# quoting it ('0644') is the form the Ansible documentation recommends.
- name: copy ceph-client configurationfile
  copy:
    dest: /srv/cinder-storage/etc/ceph/ceph.conf
    src: files/ceph.conf
    mode: 0644
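# Install the ceph client keyring for the `volumes` client next to ceph.conf.
# NOTE(review): the keyring is a credential shipped from the role's files/
# directory; confirm it is Ansible Vault-encrypted in the repository.
- name: copy ceph-client-keyring
  copy:
    src: files/ceph.client.volumes.keyring
    dest: /srv/cinder-storage/etc/ceph/ceph.client.volumes.keyring
    # Was 0644, which let every local account read the key. If the service
    # in the container runs as a dedicated account, set owner/group to that
    # account rather than widening the mode again.
    mode: "0600"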
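# Render the systemd unit for the cinder-storage container from its template.
- name: install service file.
  template:
    src: templates/cinder-storage.service
    dest: /etc/systemd/system/cinder-storage.service
    # Was the bare number 644, which is read as decimal 644 (octal 1204) and
    # yields the wrong permission bits. The quoted octal string gives the
    # intended rw-r--r--.
    mode: "0644"
    owner: root
    group: root
  tags: systemd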
#- name: set ceph client keyring
#  copy:
#    content: "{{ceph_cinder_client_keyring}}"
#    dest: /srv/cinder-storage/etc/ceph
#  when: use_ceph
# Make systemd re-read its unit files so a newly written
# cinder-storage.service is picked up. Being a plain command, this runs on
# every play.
- command: systemctl daemon-reload
  tags:
    - systemd
# `systemctl reenable` disables and then enables the unit again, which
# recreates its boot-time symlinks from the current unit file.
# This task carries no tags, unlike the other systemd-related tasks here.
- name: start service at boot.
  command: >-
    systemctl reenable cinder-storage.service
# Despite the task name, `state: restarted` restarts the unit on every run
# rather than only starting it when it is stopped.
- name: make sure service is started
  systemd:
    state: restarted
    name: cinder-storage.service