lib/ansible/playbooks/post_deploy_undercloud.yml

   1 ---
   2 - hosts: all
   3   tasks:
   4     - name: Enable ssh to overcloud nodes from jumphost
   5       shell: "cat /home/stack/jumphost_id_rsa.pub | ssh -T {{ SSH_OPTIONS }} heat-admin@{{ item.value }} 'cat >> ~/.ssh/authorized_keys'"
   6       with_dict: "{{ overcloud_nodes }}"
   7       become: yes
   8       become_user: stack
   9     - name: Configure external network
  10       shell: "{{ overcloudrc }} && {{ item }}"
  11       with_items: "{{ external_network_cmds }}"
  12     - name: Configure gluon networks
  13       shell: "{{ overcloudrc }} && {{ item }}"
  14       when: gluon
  15       with_items:
  16         - openstack network create gluon-network --share --provider-network-type vxlan
  17         - openstack subnet create gluon-subnet --no-gateway --no-dhcp --network GluonNetwork --subnet-range 0.0.0.0/1
  18     - name: Find admin project id
  19       shell: "{{ overcloudrc }} && openstack project list | grep admin | awk '{print $2}'"
  20       register: os_project_id
  21     - name: Ensure rc files owned by stack
  22       file:
  23         path: "/home/stack/{{ item }}"
  24         state: file
  25         owner: stack
  26         group: stack
  27         mode: 0644
  28       become: yes
  29       with_items:
  30         - overcloudrc
  31         - overcloudrc.v3
  32     - name: Inject OS_PROJECT_ID and OS_TENANT_NAME into overcloudrc
  33       lineinfile:
  34         line: "{{ item }}"
  35         path: /home/stack/overcloudrc
  36       become: yes
  37       become_user: stack
  38       with_items:
  39         - "export OS_PROJECT_ID={{ os_project_id.stdout }}"
  40         - "export OS_TENANT_NAME=admin"
  41     - name: Install Docker
  42       yum:
  43         name: docker
  44         state: present
  45       when: yardstick or dovetail
  46       become: yes
  47     - systemd:
  48         name: docker
  49         state: started
  50         enabled: yes
  51       when: yardstick or dovetail
  52       become: yes
  53     - name: Pull yardstick docker image
  54       docker_image:
  55         name: opnfv/yardstick
  56       when: yardstick
  57       become: yes
  58     - name: Pull dovetail docker image
  59       docker_image:
  60         name: opnfv/dovetail
  61       when: dovetail
  62       become: yes
  63     - name: Register SDN VIP
  64       shell: "{{ stackrc }} && neutron port-list | grep control_virtual_ip | grep -Eo '([0-9]+\\.){3}[0-9]+'"
  65       register: sdn_vip
  66       become: yes
  67       become_user: stack
  68       when: sdn != false
  69     - name: Write SDN controller VIP to overcloudrc
  70       lineinfile:
  71         line: "export SDN_CONTROLLER_IP={{ sdn_vip.stdout }}"
  72         regexp: 'SDN_CONTROLLER_IP'
  73         path: "/home/stack/{{ item }}"
  74       when: sdn != false
  75       become: yes
  76       become_user: stack
  77       with_items:
  78         - overcloudrc
  79         - overcloudrc.v3
  80     - name: Undercloud NAT - MASQUERADE interface
  81       iptables:
  82         table: nat
  83         chain: POSTROUTING
  84         out_interface: eth0
  85         jump: MASQUERADE
  86       when:
  87         - virtual
  88         - not external_network_ipv6
  89       become: yes
  90     - name: Undercloud NAT - MASQUERADE interface with subnet
  91       iptables:
  92         table: nat
  93         chain: POSTROUTING
  94         out_interface: eth0
  95         jump: MASQUERADE
  96         source: "{{ external_cidr }}"
  97       when:
  98         - virtual
  99         - not external_network_ipv6
 100       become: yes
 101     - name: Undercloud NAT - Allow Forwarding
 102       iptables:
 103         chain: FORWARD
 104         in_interface: eth2
 105         jump: ACCEPT
 106       when:
 107         - virtual
 108         - not external_network_ipv6
 109       become: yes
 110     - name: Undercloud NAT - Allow Stateful Forwarding
 111       iptables:
 112         chain: FORWARD
 113         in_interface: eth2
 114         jump: ACCEPT
 115         source: "{{ external_cidr }}"
 116         ctstate: ESTABLISHED,RELATED
 117       when:
 118         - virtual
 119         - not external_network_ipv6
 120       become: yes
 121     - name: Undercloud NAT - Save iptables
 122       shell: service iptables save
 123       become: yes
 124       when:
 125         - virtual
 126         - not external_network_ipv6
 127     - name: Create congress datasources
 128       shell: "{{ overcloudrc }} && openstack congress datasource create {{ item }}"
 129       become: yes
 130       become_user: stack
 131       when: congress
 132       with_items: "{{ congress_datasources }}"
 133       ignore_errors: yes
 134     - name: Configure Calipso
 135       block:
 136         - name: Install Calipso dependencies
 137           pip:
 138             name: "{{ item }}"
 139             executable: pip3
 140           with_items:
 141             - docker
 142             - pymongo
 143         - name: Create Calipso user
 144           user:
 145             name: calipso
 146             createhome: yes
 147         - name: Remove old docker
 148           package:
 149             name: "{{ item }}"
 150             state: absent
 151           with_items:
 152             - docker
 153             - docker-common
 154             - docker-selinux
 155             - docker-engine
 156         - name: Install Docker CE
 157           package:
 158             name: docker-ce
 159             state: latest
 160         - name: Start Docker
 161           service:
 162             name: docker
 163             state: started
 164             enabled: yes
 165         - name: Install Calipso
 166           command: >
 167             python3 /root/calipso-installer.py --command start-all
 168             --copy q --hostname {{ calipso_ip }} --dbport 37017 --webport 81
 169             --apiport 8001 --rabbitmport 15673
 170       become: yes
 171       when: calipso