Code Review / apex.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Enables containerized overcloud deployments
[apex.git] / lib / ansible / playbooks / post_deploy_undercloud.yml
diff --git a/lib/ansible/playbooks/post_deploy_undercloud.yml b/lib/ansible/playbooks/post_deploy_undercloud.yml
index bd62f9c..d0206f8 100644 (file)
--- a/lib/ansible/playbooks/post_deploy_undercloud.yml
+++ b/lib/ansible/playbooks/post_deploy_undercloud.yml
@@ -18,10 +18,21 @@
     - name: Find admin project id
       shell: "{{ overcloudrc }} && openstack project list | grep admin | awk '{print $2}'"
       register: os_project_id
+    - name: Ensure rc files owned by stack
+      file:
+        path: "/home/stack/{{ item }}"
+        state: file
+        owner: stack
+        group: stack
+        mode: 0644
+      become: yes
+      with_items: "{{ overcloudrc_files }}"
     - name: Inject OS_PROJECT_ID and OS_TENANT_NAME into overcloudrc
       lineinfile:
         line: "{{ item }}"
         path: /home/stack/overcloudrc
+      become: yes
+      become_user: stack
       with_items:
         - "export OS_PROJECT_ID={{ os_project_id.stdout }}"
         - "export OS_TENANT_NAME=admin"
@@ -59,62 +70,29 @@
         regexp: 'SDN_CONTROLLER_IP'
         path: "/home/stack/{{ item }}"
       when: sdn != false
-      with_items:
-        - overcloudrc
-        - overcloudrc.v3
-    - name: Undercloud NAT - MASQUERADE interface
-      iptables:
-        table: nat
-        chain: POSTROUTING
-        out_interface: eth0
-        jump: MASQUERADE
-      when:
-        - virtual
-        - not external_network_ipv6
-      become: yes
-    - name: Undercloud NAT - MASQUERADE interface with subnet
-      iptables:
-        table: nat
-        chain: POSTROUTING
-        out_interface: eth0
-        jump: MASQUERADE
-        source: "{{ external_cidr }}"
-      when:
-        - virtual
-        - not external_network_ipv6
       become: yes
-    - name: Undercloud NAT - Allow Forwarding
-      iptables:
-        chain: FORWARD
-        in_interface: eth2
-        jump: ACCEPT
-      when:
-        - virtual
-        - not external_network_ipv6
-      become: yes
-    - name: Undercloud NAT - Allow Stateful Forwarding
-      iptables:
-        chain: FORWARD
-        in_interface: eth2
-        jump: ACCEPT
-        source: "{{ external_cidr }}"
-        ctstate: ESTABLISHED,RELATED
-      when:
-        - virtual
-        - not external_network_ipv6
+      become_user: stack
+      with_items: "{{ overcloudrc_files }}"
+    - name: Register OS Region
+      shell: "{{ overcloudrc }} && openstack endpoint list -c Region -f json"
+      register: region
       become: yes
-    - name: Undercloud NAT - Save iptables
-      shell: service iptables save
+      become_user: stack
+    - name: Write Region into overcloudrc
+      lineinfile:
+        line: "export OS_REGION_NAME={{(region.stdout|from_json)[1]['Region']}}"
+        regexp: 'OS_REGION_NAME'
+        path: "/home/stack/{{ item }}"
       become: yes
-      when:
-        - virtual
-        - not external_network_ipv6
+      become_user: stack
+      with_items: "{{ overcloudrc_files }}"
     - name: Create congress datasources
       shell: "{{ overcloudrc }} && openstack congress datasource create {{ item }}"
       become: yes
       become_user: stack
       when: congress
       with_items: "{{ congress_datasources }}"
+      ignore_errors: yes
     - name: Configure Calipso
       block:
         - name: Install Calipso dependencies