4 - name: Generate SSH key for stack if missing
5 shell: test -e ~/.ssh/id_rsa || ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
6 - name: Fix ssh key for stack
7 shell: restorecon -r /home/stack
10 path: /home/stack/nics
16 src: /root/.ssh/id_rsa.pub
17 dest: /home/stack/jumphost_id_rsa.pub
22 src: "{{ apex_temp_dir }}/{{ item }}.yaml"
23 dest: "/home/stack/nics/{{ item }}.yaml"
30 - name: Copy container prep env file to undercloud
32 src: "{{ apex_temp_dir }}/containers-prepare-parameter.yaml"
33 dest: "/home/stack/containers-prepare-parameter.yaml"
39 regexp: 'Defaults\s*requiretty'
43 path: /etc/environment
45 line: "http_proxy={{ http_proxy }}"
49 path: /etc/environment
50 regexp: '^https_proxy'
51 line: "https_proxy={{ https_proxy }}"
54 - name: openstack-configs undercloud
55 shell: openstack-config --set undercloud.conf DEFAULT {{ item }}
56 with_items: "{{ undercloud_config }}"
57 - name: openstack-configs undercloud network
58 shell: openstack-config --set undercloud.conf ctlplane-subnet {{ item }}
59 with_items: "{{ undercloud_network_config }}"
61 - name: undercloud install
62 shell: openstack undercloud install &> apex-undercloud-install.log
66 - name: undercloud install retry
67 shell: openstack undercloud install >> apex-undercloud-install.log 2>&1
71 - name: fetch undercloud log
73 src: /home/stack/apex-undercloud-install.log
74 dest: "{{ apex_temp_dir }}/"
76 - name: Install ceph-ansible
80 - name: openstack-configs nova
81 shell: openstack-config --set /var/lib/config-data/nova/etc/nova/nova.conf DEFAULT {{ item }}
83 with_items: "{{ nova_config }}"
84 - name: restart nova services
85 shell: "{{ container_client }} restart {{ item }}"
92 - name: openstack-configs neutron
93 shell: openstack-config --set /var/lib/config-data/neutron/etc/neutron/neutron.conf DEFAULT {{ item }}
95 with_items: "{{ neutron_config }}"
96 - name: restart neutron services
97 shell: "{{ container_client }} restart {{ item }}"
102 - name: openstack-configs ironic
103 shell: openstack-config --set /var/lib/config-data/ironic/etc/ironic/ironic.conf {{ item }}
105 with_items: "{{ ironic_config }}"
106 - name: restart ironic services
107 shell: "{{ container_client }} restart {{ item }}"
113 - name: configure external network vlan ifcfg
115 src: external_vlan_ifcfg.yml.j2
116 dest: "/etc/sysconfig/network-scripts/ifcfg-vlan{{ external_network.vlan }}"
122 - external_network.vlan != "native"
123 - external_network.enabled
124 - name: bring up vlan ifcfg
125 shell: "ifup vlan{{ external_network.vlan }}"
128 - external_network.vlan != "native"
129 - external_network.enabled
130 - name: assign IP to native eth2
131 shell: ip a a {{ external_network.ip }}/{{ external_network.prefix }} dev eth2
134 - external_network.vlan == "native"
135 - external_network.enabled
136 - name: bring up eth2
137 shell: ip link set up dev eth2
139 - external_network.vlan == "native"
140 - external_network.enabled
142 - name: bring up eth0 if aarch64
143 shell: ip link set up dev eth0
145 - external_network.vlan == "native"
146 - external_network.enabled
150 - name: Undercloud NAT - MASQUERADE interface
156 - name: Undercloud NAT - MASQUERADE interface with subnet
162 source: "{{ nat_cidr }}"
163 - name: Undercloud NAT - Allow Forwarding
168 - name: Undercloud NAT - Allow Stateful Forwarding
173 source: "{{ nat_cidr }}"
174 ctstate: ESTABLISHED,RELATED
177 - not nat_network_ipv6
179 - name: Allow SSH in iptables
188 - name: Undercloud NAT - Save iptables
189 shell: service iptables save
191 - name: fetch storage environment file
193 src: /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml
194 dest: "{{ apex_temp_dir }}/"
196 - name: fetch sriov environment file
198 src: /usr/share/openstack-tripleo-heat-templates/environments/services/neutron-opendaylight-sriov.yaml
199 dest: "{{ apex_temp_dir }}/"
201 - name: Restorecon for root ssh
202 shell: restorecon -r -v /root/.ssh
205 - include: undercloud_aarch64.yml