Fixes deployment on CentOS 7.6

[apex.git] / lib / ansible / playbooks / configure_undercloud.yml

diff --git a/lib/ansible/playbooks/configure_undercloud.yml b/lib/ansible/playbooks/configure_undercloud.yml
index 578ab13..07b82c8 100644 (file)
--- a/lib/ansible/playbooks/configure_undercloud.yml
+++ b/lib/ansible/playbooks/configure_undercloud.yml
@@ -27,6 +27,13 @@
       with_items:
         - controller
         - compute
+    - name: Copy container prep env file to undercloud
+      copy:
+        src: "{{ apex_temp_dir }}/containers-prepare-parameter.yaml"
+        dest: "/home/stack/containers-prepare-parameter.yaml"
+        owner: stack
+        group: stack
+        mode: 0644
     - lineinfile:
         path: /etc/sudoers
         regexp: 'Defaults\s*requiretty'
@@ -47,23 +54,12 @@
     - name: openstack-configs undercloud
       shell: openstack-config --set undercloud.conf DEFAULT {{ item }}
       with_items: "{{ undercloud_config }}"
-    - name: Add ironic packages
-      yum:
-        name: openstack-ironic-api,openstack-ironic-common,
-              openstack-ironic-inspector
-      become: yes
-    - name: openstack-configs ironic
-      shell: openstack-config --set /etc/ironic/ironic.conf {{ item }}
-      become: yes
-      with_items: "{{ ironic_config }}"
-    - lineinfile:
-        path: /usr/lib/python2.7/site-packages/ironic/common/pxe_utils.py
-        regexp: '_link_ip_address_pxe_configs'
-        line: '        _link_mac_pxe_configs(task)'
-      when: aarch64
+    - name: openstack-configs undercloud network
+      shell: openstack-config --set undercloud.conf ctlplane-subnet {{ item }}
+      with_items: "{{ undercloud_network_config }}"
     - block:
         - name: undercloud install
-          shell: openstack undercloud install --use-heat False &> apex-undercloud-install.log
+          shell: openstack undercloud install &> apex-undercloud-install.log
           become: yes
           become_user: stack
       rescue:
@@ -77,40 +73,42 @@
             src: /home/stack/apex-undercloud-install.log
             dest: "{{ apex_temp_dir }}/"
             flat: yes
+    - name: Install ceph-ansible
+      yum:
+        name: ceph-ansible
+      become: yes
     - name: openstack-configs nova
-      shell: openstack-config --set /etc/nova/nova.conf DEFAULT {{ item }}
+      shell: openstack-config --set /var/lib/config-data/nova/etc/nova/nova.conf DEFAULT {{ item }}
       become: yes
       with_items: "{{ nova_config }}"
     - name: restart nova services
-      service:
-        name: "{{ item }}"
-        state: restarted
-        enabled: yes
+      shell: "{{ container_client }} restart {{ item }}"
       with_items:
-        - openstack-nova-conductor
-        - openstack-nova-compute
-        - openstack-nova-api
-        - openstack-nova-scheduler
+        - nova_conductor
+        - nova_compute
+        - nova_api
+        - nova_scheduler
+      become: yes
     - name: openstack-configs neutron
-      shell: openstack-config --set /etc/neutron/neutron.conf DEFAULT {{ item }}
+      shell: openstack-config --set /var/lib/config-data/neutron/etc/neutron/neutron.conf DEFAULT {{ item }}
       become: yes
       with_items: "{{ neutron_config }}"
     - name: restart neutron services
-      service:
-        name: "{{ item }}"
-        state: restarted
-        enabled: yes
+      shell: "{{ container_client }} restart {{ item }}"
       with_items:
-        - neutron-server
-        - neutron-dhcp-agent
-    - name: Configure workaround for mariadb long blob (LP#1768913)
-      shell: openstack-config --set /etc/my.cnf.d/galera.cnf mysqld innodb_log_file_size 256M
+        - neutron_api
+        - neutron_dhcp
       become: yes
-    - name: restart mariadb service
-      service:
-        name: mariadb
-        state: restarted
-        enabled: yes
+    - name: openstack-configs ironic
+      shell: openstack-config --set /var/lib/config-data/ironic/etc/ironic/ironic.conf {{ item }}
+      become: yes
+      with_items: "{{ ironic_config }}"
+    - name: restart ironic services
+      shell: "{{ container_client }} restart {{ item }}"
+      with_items:
+        - ironic_api
+        - ironic_conductor
+        - ironic_inspector
       become: yes
     - name: configure external network vlan ifcfg
       template:
@@ -135,21 +133,12 @@
       when:
         - external_network.vlan == "native"
         - external_network.enabled
-        - not aarch64
     - name: bring up eth2
       shell: ip link set up dev eth2
       when:
         - external_network.vlan == "native"
         - external_network.enabled
-        - not aarch64
-      become: yes
-    - name: assign IP to native eth0 if aarch64
-      shell: ip a a {{ external_network.ip }}/{{ external_network.prefix }} dev eth0
       become: yes
-      when:
-        - external_network.vlan == "native"
-        - external_network.enabled
-        - aarch64
     - name: bring up eth0 if aarch64
       shell: ip link set up dev eth0
       when:
@@ -183,12 +172,22 @@
             jump: ACCEPT
             source: "{{ nat_cidr }}"
             ctstate: ESTABLISHED,RELATED
-        - name: Undercloud NAT - Save iptables
-          shell: service iptables save
       become: yes
       when:
         - not nat_network_ipv6
         - nat
+    - name: Allow SSH in iptables
+      iptables:
+        action: insert
+        chain: INPUT
+        rule_num: 1
+        protocol: tcp
+        destination_port: 22
+        jump: ACCEPT
+      become: yes
+    - name: Undercloud NAT - Save iptables
+      shell: service iptables save
+      become: yes
     - name: fetch storage environment file
       fetch:
         src: /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml
@@ -199,6 +198,9 @@
         src: /usr/share/openstack-tripleo-heat-templates/environments/services/neutron-opendaylight-sriov.yaml
         dest: "{{ apex_temp_dir }}/"
         flat: yes
+    - name: Restorecon for root ssh
+      shell: restorecon -r -v /root/.ssh
+      become: yes
 
 - include: undercloud_aarch64.yml
   when: aarch64