summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTomas Sedovic <tomas@sedovic.cz>2017-06-02 14:06:52 +0200
committerTomas Sedovic <tomas@sedovic.cz>2017-06-14 16:38:32 +0200
commit7f60edeba48d78cd01669d20019e9bdacdf4e305 (patch)
tree5135c20938552653a39616d81a21a5f22b6b2ab5
parent6241e33432ea88cf9c5bc67db6d09c90b2e891ba (diff)
downloadopenshift-7f60edeba48d78cd01669d20019e9bdacdf4e305.tar.gz
openshift-7f60edeba48d78cd01669d20019e9bdacdf4e305.tar.bz2
openshift-7f60edeba48d78cd01669d20019e9bdacdf4e305.tar.xz
openshift-7f60edeba48d78cd01669d20019e9bdacdf4e305.zip
Move the openstack provisioning playbooks
They'll live in playbooks/provisioning/openstack from now on.
-rw-r--r--playbooks/provisioning/openstack/openstack_dns_records.yml77
-rw-r--r--playbooks/provisioning/openstack/openstack_dns_views.yml27
-rw-r--r--playbooks/provisioning/openstack/post-provision-openstack.yml60
-rw-r--r--playbooks/provisioning/openstack/pre-install.yml15
-rw-r--r--playbooks/provisioning/openstack/provision-openstack.yml48
5 files changed, 227 insertions, 0 deletions
diff --git a/playbooks/provisioning/openstack/openstack_dns_records.yml b/playbooks/provisioning/openstack/openstack_dns_records.yml
new file mode 100644
index 000000000..b1008fe33
--- /dev/null
+++ b/playbooks/provisioning/openstack/openstack_dns_records.yml
@@ -0,0 +1,77 @@
+---
+
+- name: "Generate list of private A records"
+ set_fact:
+ private_records: "{{ private_records | default([]) + [ { 'type': 'A', 'hostname': hostvars[item]['ansible_hostname'], 'ip': hostvars[item]['openstack']['private_v4'] } ] }}"
+ with_items: "{{ groups['cluster_hosts'] }}"
+
+- name: "Set the private DNS server to use the external value (if provided)"
+ set_fact:
+ nsupdate_server_private: "{{ external_nsupdate_keys['private']['server'] }}"
+ nsupdate_key_secret_private: "{{ external_nsupdate_keys['private']['key_secret'] }}"
+ nsupdate_key_algorithm_private: "{{ external_nsupdate_keys['private']['key_algorithm'] }}"
+ when:
+ - external_nsupdate_keys is defined
+ - external_nsupdate_keys['private'] is defined
+
+- name: "Set the private DNS server to use the provisioned value"
+ set_fact:
+ nsupdate_server_private: "{{ hostvars[groups['dns'][0]].openstack.public_v4 }}"
+ nsupdate_key_secret_private: "{{ hostvars[groups['dns'][0]].nsupdate_keys['private-' + full_dns_domain].key_secret }}"
+ nsupdate_key_algorithm_private: "{{ hostvars[groups['dns'][0]].nsupdate_keys['private-' + full_dns_domain].key_algorithm }}"
+ when:
+ - nsupdate_server_private is undefined
+
+- name: "Generate the private Add section for DNS"
+ set_fact:
+ private_named_records:
+ - view: "private"
+ zone: "{{ full_dns_domain }}"
+ server: "{{ nsupdate_server_private }}"
+ key_name: "{{ ( 'private-' + full_dns_domain ) }}"
+ key_secret: "{{ nsupdate_key_secret_private }}"
+ key_algorithm: "{{ nsupdate_key_algorithm_private | lower }}"
+ entries: "{{ private_records }}"
+
+- name: "Generate list of public A records"
+ set_fact:
+ public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'hostname': hostvars[item]['ansible_hostname'], 'ip': hostvars[item]['openstack']['public_v4'] } ] }}"
+ with_items: "{{ groups['cluster_hosts'] }}"
+
+- name: "Add wildcard records to the public A records"
+ set_fact:
+ public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'hostname': '*.' + openshift_app_domain, 'ip': hostvars[item]['openstack']['public_v4'] } ] }}"
+ with_items: "{{ groups['infra_hosts'] }}"
+
+- name: "Set the public DNS server details to use the external value (if provided)"
+ set_fact:
+ nsupdate_server_public: "{{ external_nsupdate_keys['public']['server'] }}"
+ nsupdate_key_secret_public: "{{ external_nsupdate_keys['public']['key_secret'] }}"
+ nsupdate_key_algorithm_public: "{{ external_nsupdate_keys['public']['key_algorithm'] }}"
+ when:
+ - external_nsupdate_keys is defined
+ - external_nsupdate_keys['public'] is defined
+
+- name: "Set the public DNS server details to use the provisioned value"
+ set_fact:
+ nsupdate_server_public: "{{ hostvars[groups['dns'][0]].openstack.public_v4 }}"
+ nsupdate_key_secret_public: "{{ hostvars[groups['dns'][0]].nsupdate_keys['public-' + full_dns_domain].key_secret }}"
+ nsupdate_key_algorithm_public: "{{ hostvars[groups['dns'][0]].nsupdate_keys['public-' + full_dns_domain].key_algorithm }}"
+ when:
+ - nsupdate_server_public is undefined
+
+- name: "Generate the public Add section for DNS"
+ set_fact:
+ public_named_records:
+ - view: "public"
+ zone: "{{ full_dns_domain }}"
+ server: "{{ nsupdate_server_public }}"
+ key_name: "{{ ( 'public-' + full_dns_domain ) }}"
+ key_secret: "{{ nsupdate_key_secret_public }}"
+ key_algorithm: "{{ nsupdate_key_algorithm_public | lower }}"
+ entries: "{{ public_records }}"
+
+- name: "Generate the final dns_records_add"
+ set_fact:
+ dns_records_add: "{{ private_named_records + public_named_records }}"
+
diff --git a/playbooks/provisioning/openstack/openstack_dns_views.yml b/playbooks/provisioning/openstack/openstack_dns_views.yml
new file mode 100644
index 000000000..611ed9f82
--- /dev/null
+++ b/playbooks/provisioning/openstack/openstack_dns_views.yml
@@ -0,0 +1,27 @@
+---
+
+- name: "Generate ACL list for DNS server"
+ set_fact:
+ acl_list: "{{ acl_list | default([]) + [ (hostvars[item]['openstack']['private_v4'] + '/32') ] }}"
+ with_items: "{{ groups['cluster_hosts'] }}"
+
+- name: "Generate the private view"
+ set_fact:
+ private_named_view:
+ - name: "private"
+ acl_entry: "{{ acl_list }}"
+ zone:
+ - dns_domain: "{{ full_dns_domain }}"
+
+- name: "Generate the public view"
+ set_fact:
+ public_named_view:
+ - name: "public"
+ zone:
+ - dns_domain: "{{ full_dns_domain }}"
+ forwarder: "{{ public_dns_nameservers }}"
+
+- name: "Generate the final named_config_views"
+ set_fact:
+ named_config_views: "{{ private_named_view + public_named_view }}"
+
diff --git a/playbooks/provisioning/openstack/post-provision-openstack.yml b/playbooks/provisioning/openstack/post-provision-openstack.yml
new file mode 100644
index 000000000..d65e075b8
--- /dev/null
+++ b/playbooks/provisioning/openstack/post-provision-openstack.yml
@@ -0,0 +1,60 @@
+---
+
+# Assign hostnames
+- hosts: cluster_hosts
+ pre_tasks:
+ - include: roles/common/pre_tasks/pre_tasks.yml
+ roles:
+ - role: hostnames
+
+# Subscribe DNS Host to allow for configuration below
+- hosts: dns
+ roles:
+ - { role: subscription-manager, when: hostvars.localhost.rhsm_register, tags: 'subscription-manager', ansible_sudo: true }
+
+# Determine which DNS server(s) to use for our generated records
+- hosts: localhost
+ roles:
+ - dns-server-detect
+
+# Build the DNS Server Views and Configure DNS Server(s)
+- hosts: dns
+ pre_tasks:
+ - include: roles/common/pre_tasks/pre_tasks.yml
+ - name: "Generate dns-server views"
+ include: openstack_dns_views.yml
+ roles:
+ - role: dns-server
+
+# Build and process DNS Records
+- hosts: localhost
+ pre_tasks:
+ - include: roles/common/pre_tasks/pre_tasks.yml
+ - name: "Generate dns records"
+ include: openstack_dns_records.yml
+ roles:
+ - role: dns
+
+# Use newly configured DNS server for this container ...
+- hosts: localhost
+ tasks:
+ - name: "Edit /etc/resolv.conf in container"
+ shell: "sed '0,/.*nameserver.*/s/.*nameserver.*/nameserver {{ public_dns_server }} \\n&/' /etc/resolv.conf > /tmp/resolv.conf && /bin/cp -f /tmp/resolv.conf /etc/resolv.conf"
+
+# OpenShift Pre-Requisites
+- hosts: OSEv3
+ tasks:
+ - name: "Edit /etc/resolv.conf on masters/nodes"
+ lineinfile:
+ state: present
+ dest: /etc/resolv.conf
+ regexp: "nameserver {{ hostvars['localhost'].private_dns_server }}"
+ line: "nameserver {{ hostvars['localhost'].private_dns_server }}"
+ insertafter: search*
+ - name: "Include DNS configuration to ensure proper name resolution"
+ lineinfile:
+ state: present
+ dest: /etc/sysconfig/network
+ regexp: "IP4_NAMESERVERS={{ hostvars['localhost'].private_dns_server }}"
+ line: "IP4_NAMESERVERS={{ hostvars['localhost'].private_dns_server }}"
+
diff --git a/playbooks/provisioning/openstack/pre-install.yml b/playbooks/provisioning/openstack/pre-install.yml
new file mode 100644
index 000000000..8225287f9
--- /dev/null
+++ b/playbooks/provisioning/openstack/pre-install.yml
@@ -0,0 +1,15 @@
+---
+
+###############################
+# OpenShift Pre-Requisites
+
+# - subscribe hosts
+# - prepare docker
+# - other prep (install additional packages, etc.)
+#
+- hosts: OSEv3
+ roles:
+ - { role: subscription-manager, when: hostvars.localhost.rhsm_register, tags: 'subscription-manager', ansible_sudo: true }
+ - { role: docker, tags: 'docker' }
+ - { role: openshift-prep, tags: 'openshift-prep' }
+
diff --git a/playbooks/provisioning/openstack/provision-openstack.yml b/playbooks/provisioning/openstack/provision-openstack.yml
new file mode 100644
index 000000000..8125548fd
--- /dev/null
+++ b/playbooks/provisioning/openstack/provision-openstack.yml
@@ -0,0 +1,48 @@
+---
+- hosts: localhost
+ pre_tasks:
+ - include: roles/common/pre_tasks/pre_tasks.yml
+ roles:
+ - role: openstack-stack
+ stack_name: "{{ env_id }}.{{ public_dns_domain }}"
+ dns_domain: "{{ public_dns_domain }}"
+ dns_nameservers: "{{ public_dns_nameservers }}"
+ subnet_prefix: "{{ openstack_subnet_prefix }}"
+ ssh_public_key: "{{ openstack_ssh_public_key }}"
+ openstack_image: "{{ openstack_default_image_name }}"
+ lb_flavor: "{{ openstack_lb_flavor | default('m1.small') }}"
+ etcd_flavor: "{{ openstack_default_flavor }}"
+ master_flavor: "{{ openstack_default_flavor }}"
+ node_flavor: "{{ openstack_default_flavor }}"
+ infra_flavor: "{{ openstack_default_flavor }}"
+ dns_flavor: "{{ openstack_dns_flavor | default('m1.small') }}"
+ external_network: "{{ openstack_external_network_name }}"
+ num_etcd: 0
+ num_masters: "{{ openstack_num_masters }}"
+ num_nodes: "{{ openstack_num_nodes }}"
+ num_infra: "{{ openstack_num_infra }}"
+ num_dns: "{{ openstack_num_dns | default(1) }}"
+ master_volume_size: "{{ docker_volume_size }}"
+ app_volume_size: "{{ docker_volume_size }}"
+ infra_volume_size: "{{ docker_volume_size }}"
+
+
+- name: Refresh Server inventory
+ hosts: localhost
+ connection: local
+ gather_facts: False
+ tasks:
+ - meta: refresh_inventory
+
+- hosts: cluster_hosts
+ gather_facts: false
+ tasks:
+ - name: Debug hostvar
+ debug:
+ msg: "{{ hostvars[inventory_hostname] }}"
+ verbosity: 2
+ - name: waiting for server to come back
+ local_action: wait_for host={{ hostvars[inventory_hostname]['ansible_ssh_host'] }} port=22 delay=30 timeout=300
+ become: false
+
+- include: post-provision-openstack.yml