- name: Find admin project id
shell: "{{ overcloudrc }} && openstack project list | grep admin | awk '{print $2}'"
register: os_project_id
+ - name: Ensure rc files owned by stack
+ file:
+ path: "/home/stack/{{ item }}"
+ state: file
+ owner: stack
+ group: stack
+ mode: 0644
+ become: yes
+ with_items: "{{ overcloudrc_files }}"
- name: Inject OS_PROJECT_ID and OS_TENANT_NAME into overcloudrc
lineinfile:
line: "{{ item }}"
path: /home/stack/overcloudrc
+ become: yes
+ become_user: stack
with_items:
- "export OS_PROJECT_ID={{ os_project_id.stdout }}"
- "export OS_TENANT_NAME=admin"
regexp: 'SDN_CONTROLLER_IP'
path: "/home/stack/{{ item }}"
when: sdn != false
- with_items:
- - overcloudrc
- - overcloudrc.v3
- - name: Undercloud NAT - MASQUERADE interface
- iptables:
- table: nat
- chain: POSTROUTING
- out_interface: eth0
- jump: MASQUERADE
- when:
- - virtual
- - not external_network_ipv6
- become: yes
- - name: Undercloud NAT - MASQUERADE interface with subnet
- iptables:
- table: nat
- chain: POSTROUTING
- out_interface: eth0
- jump: MASQUERADE
- source: "{{ external_cidr }}"
- when:
- - virtual
- - not external_network_ipv6
- become: yes
- - name: Undercloud NAT - Allow Forwarding
- iptables:
- chain: FORWARD
- in_interface: eth2
- jump: ACCEPT
- when:
- - virtual
- - not external_network_ipv6
become: yes
- - name: Undercloud NAT - Allow Stateful Forwarding
- iptables:
- chain: FORWARD
- in_interface: eth2
- jump: ACCEPT
- source: "{{ external_cidr }}"
- ctstate: ESTABLISHED,RELATED
- when:
- - virtual
- - not external_network_ipv6
+ become_user: stack
+ with_items: "{{ overcloudrc_files }}"
+ - name: Register OS Region
+ shell: "{{ overcloudrc }} && openstack endpoint list -c Region -f json"
+ register: region
become: yes
- - name: Undercloud NAT - Save iptables
- shell: service iptables save
+ become_user: stack
+ - name: Write Region into overcloudrc
+ lineinfile:
+ line: "export OS_REGION_NAME={{(region.stdout|from_json)[1]['Region']}}"
+ regexp: 'OS_REGION_NAME'
+ path: "/home/stack/{{ item }}"
become: yes
- when:
- - virtual
- - not external_network_ipv6
+ become_user: stack
+ with_items: "{{ overcloudrc_files }}"
- name: Create congress datasources
shell: "{{ overcloudrc }} && openstack congress datasource create {{ item }}"
become: yes
when: congress
with_items: "{{ congress_datasources }}"
ignore_errors: yes
+ - name: Configure Calipso
+ block:
+ - name: Install Calipso dependencies
+ pip:
+ name: "{{ item }}"
+ executable: pip3
+ with_items:
+ - docker
+ - pymongo
+ - name: Create Calipso user
+ user:
+ name: calipso
+ createhome: yes
+ - name: Remove old docker
+ package:
+ name: "{{ item }}"
+ state: absent
+ with_items:
+ - docker
+ - docker-common
+ - docker-selinux
+ - docker-engine
+ - name: Install Docker CE
+ package:
+ name: docker-ce
+ state: latest
+ - name: Start Docker
+ service:
+ name: docker
+ state: started
+ enabled: yes
+ - name: Install Calipso
+ command: >
+ python3 /root/calipso-installer.py --command start-all
+ --copy q --hostname {{ calipso_ip }} --dbport 37017 --webport 81
+ --apiport 8001 --rabbitmport 15673
+ become: yes
+ when: calipso
Code Review / apex.git / blobdiff