--- /dev/null
+---
+- hosts: all
+ tasks:
+ - name: Enable ssh to overcloud nodes from jumphost
+ shell: "cat /home/stack/jumphost_id_rsa.pub | ssh -T {{ SSH_OPTIONS }} heat-admin@{{ item.value }} 'cat >> ~/.ssh/authorized_keys'"
+ with_dict: "{{ overcloud_nodes }}"
+ become: yes
+ become_user: stack
+ - name: Configure external network
+ shell: "{{ overcloudrc }} && {{ item }}"
+ with_items: "{{ external_network_cmds }}"
+ - name: Configure gluon networks
+ shell: "{{ overcloudrc }} && {{ item }}"
+ when: gluon
+ with_items:
+ - openstack network create gluon-network --share --provider-network-type vxlan
+ - openstack subnet create gluon-subnet --no-gateway --no-dhcp --network GluonNetwork --subnet-range 0.0.0.0/1
+ - name: Find admin project id
+ shell: "{{ overcloudrc }} && openstack project list | grep admin | awk '{print $2}'"
+ register: os_project_id
+ - name: Inject OS_PROJECT_ID and OS_TENANT_NAME into overcloudrc
+ lineinfile:
+ line: "{{ item }}"
+ path: /home/stack/overcloudrc
+ with_items:
+ - "export OS_PROJECT_ID={{ os_project_id.stdout }}"
+ - "export OS_TENANT_NAME=admin"
+ - name: Install Docker
+ yum:
+ name: docker
+ state: present
+ when: yardstick or dovetail
+ become: yes
+ - systemd:
+ name: docker
+ state: started
+ enabled: yes
+ when: yardstick or dovetail
+ become: yes
+ - name: Pull yardstick docker image
+ docker_image:
+ name: opnfv/yardstick
+ when: yardstick
+ become: yes
+ - name: Pull dovetail docker image
+ docker_image:
+ name: opnfv/dovetail
+ when: dovetail
+ become: yes
+ - name: Register SDN VIP
+ shell: "{{ stackrc }} && neutron port-list | grep control_virtual_ip | grep -Eo '([0-9]+\\.){3}[0-9]+'"
+ register: sdn_vip
+ become: yes
+ become_user: stack
+ when: sdn != false
+ - name: Write SDN controller VIP to overcloudrc
+ lineinfile:
+ line: "export SDN_CONTROLLER_IP={{ sdn_vip.stdout }}"
+ regexp: 'SDN_CONTROLLER_IP'
+ path: "/home/stack/{{ item }}"
+ when: sdn != false
+ with_items:
+ - overcloudrc
+ - overcloudrc.v3
+ - name: Undercloud NAT - MASQUERADE interface
+ iptables:
+ table: nat
+ chain: POSTROUTING
+ out_interface: eth0
+ jump: MASQUERADE
+ when:
+ - virtual
+ - not external_network_ipv6
+ become: yes
+ - name: Undercloud NAT - MASQUERADE interface with subnet
+ iptables:
+ table: nat
+ chain: POSTROUTING
+ out_interface: eth0
+ jump: MASQUERADE
+ source: "{{ external_cidr }}"
+ when:
+ - virtual
+ - not external_network_ipv6
+ become: yes
+ - name: Undercloud NAT - Allow Forwarding
+ iptables:
+ chain: FORWARD
+ in_interface: eth2
+ jump: ACCEPT
+ when:
+ - virtual
+ - not external_network_ipv6
+ become: yes
+ - name: Undercloud NAT - Allow Stateful Forwarding
+ iptables:
+ chain: FORWARD
+ in_interface: eth2
+ jump: ACCEPT
+ source: "{{ external_cidr }}"
+ ctstate: ESTABLISHED,RELATED
+ when:
+ - virtual
+ - not external_network_ipv6
+ become: yes
+ - name: Undercloud NAT - Save iptables
+ shell: service iptables save
+ become: yes
+ when:
+ - virtual
+ - not external_network_ipv6
+ - name: Create congress datasources
+ shell: "{{ overcloudrc }} && openstack congress datasource create {{ item }}"
+ become: yes
+ become_user: stack
+ when: congress
+ with_items: "{{ congress_datasources }}"
+ ignore_errors: yes
Code Review / apex.git / blobdiff