x
/
infra-ansible
Code Issues Proposed changes

Switch the provisioning step to the cloud launcher role 

I've been slowly decoupling the provisioning role from infra-ansible
into its own role:

http://git.openstack.org/cgit/openstack/ansible-role-cloud-launcher

Now that it has feature parity and it is gating in OpenStack CI,
just use it and remove setup_openstack_resources roles.

Change-Id: I4810d0bdb57cf1f069f20fb133f5f2afe15e4e87
This commit is contained in:
Ricardo Carrillo Cruz 2016-06-06 08:41:46 +00:00
parent 973ecb7bac
commit efd0234300
13 changed files with 192 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1,5 +1,5 @@
venv/
infra_config.yml
resources.yml
inventory/openstack.py
.tox
*.retry

6
README.md
View File

@ -3,14 +3,14 @@ Instructions
1. Run ``source setup_env.sh``
3. Source your OpenStack cloud environment variables rc file
3. Run ``cp infra_config.yml.sample infra_config.yml``
4. Edit infra_config.yml and put your environment values
3. Run ``cp resources.yml.sample resources.yml``
4. Edit resources.yml and put your environment values
5. Run ``bash run.sh``
Notes
=====
In infra_config.yml you may specify public key file instead of public key content, in the following way:
In resources.yml you may specify public key file instead of public key content, in the following way:
keypairs:
- name: my_key_file

1
ansible.cfg
View File

@ -1,2 +1,3 @@
[defaults]
host_key_checking=no
roles_path=./roles

44
infra_config.yml.sample
View File

@ -1,44 +0,0 @@
---
os_client_config_cloud: envvars
system_config_repo_url: git@your_git_server/system-config.git
key_name: your_openstack_key_name
domainname: yourdomain
keypairs:
- name: my_key_name
public_key: my_public_key_content
infra_servers:
- name: puppetmaster
image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633
flavor: standard.small
net_name: your_neutron_network
security_groups: default
infra_type: puppetmaster
- name: zuul
image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633
flavor: standard.small
net_name: your_neutron_network
security_groups: default
infra_type: zuul
- name: jenkins
image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633
flavor: standard.medium
net_name: your_neutron_network
security_groups: "default,webserver"
infra_type: jenkins
- name: gerrit
image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633
flavor: standard.large
net_name: your_neutron_network
security_groups: "default,webserver"
infra_type: gerrit
volumes:
- name: gerrit_volume
size: 40
- name: gerrit_volume2
size: 60
- name: nodepool
image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633
flavor: standard.small
net_name: your_neutron_network
security_groups: default
infra_type: nodepool

2
requirements.txt
View File

@ -1,3 +1,3 @@
ansible==2.0.0.2
ansible==2.1.0
shade
jinja2

3
requirements.yml Normal file
View File

@ -0,0 +1,3 @@
- src: git+git://git.openstack.org/openstack/ansible-role-cloud-launcher.git
version: HEAD
name: cloud_launcher

176
resources.yml.sample Normal file
View File

@ -0,0 +1,176 @@
profiles:
- name: admin-clouds
domains:
- name: ops
description: Ops team domain
- name: qa
description: QA team domain
- name: rnd
description: R&D team domain
projects:
- name: ops
domain: ops
description: Ops team project
- name: qa
domain: qa
description: QA team project
- name: rnd
domain: rnd
description: RnD team project
users:
- name: opsadmin
password: changeme
email: opsadmin@aoclcompany.aocl
domain: ops
default_project: ops
- name: qaadmin
password: changeme
email: qaadmin@aoclcompany.aocl
domain: qa
default_project: qa
- name: rndadmin
password: changeme
email: rndadmin@aoclcompany.aocl
domain: rnd
default_project: rnd
flavors:
- name: aoclcompany.xlarge
ram: 128
vcpus: 1
disk: 0
- name: aoclcompany.large
ram: 64
vcpus: 1
disk: 0
images:
- name: ubuntu-trusty
filename: /home/ubuntu/trusty-server-cloudimg-amd64-disk1.img
- name: ops
networks:
- name: ops-net
subnets:
- name: ops-subnet
network_name: ops-net
cidr: 192.168.0.0/24
dns_nameservers:
- 8.8.8.8
routers:
- name: ops-router
network: public
interfaces: ops-subnet
security_groups:
- name: webserver
description: Allow HTTP/HTTPS traffic
images:
- name: ubuntu-trusty
filename: /home/ubuntu/trusty-server-cloudimg-amd64-disk1.img
security_groups_rules:
- security_group: webserver
protocol: tcp
port_range_min: 80
port_range_max: 80
remote_ip_prefix: 0.0.0.0/0
- security_group: webserver
protocol: tcp
port_range_min: 443
port_range_max: 443
remote_ip_prefix: 0.0.0.0/0
servers:
- name: nagios
image: ubuntu-trusty
key_name: bootstrap-key
flavor: m1.small
security_groups: webserver
network: ops-net
- name: qa
networks:
- name: qa-net
subnets:
- name: qa-subnet
network_name: qa-net
cidr: 192.168.1.0/24
dns_nameservers:
- 8.8.8.8
routers:
- name: qa-router
network: public
interfaces: qa-subnet
security_groups:
- name: webserver
description: Allow HTTP/HTTPS traffic
- name: altwebserver
description: Allow 8080 traffic
security_groups_rules:
- security_group: webserver
protocol: tcp
port_range_min: 80
port_range_max: 80
remote_ip_prefix: 0.0.0.0/0
- security_group: webserver
protocol: tcp
port_range_min: 443
port_range_max: 443
remote_ip_prefix: 0.0.0.0/0
- security_group: altwebserver
protocol: tcp
port_range_min: 8080
port_range_max: 8080
remote_ip_prefix: 0.0.0.0/0
servers:
- name: jenkins
image: cirros-0.3.4-x86_64-uec
key_name: bootstrap-key
flavor: m1.tiny
security_groups: altwebserver
network: qa-net
- name: rnd
networks:
- name: rnd-net
subnets:
- name: rnd-subnet
network_name: rnd-net
cidr: 192.168.2.0/24
dns_nameservers:
- 8.8.8.8
routers:
- name: rnd-router
network: public
interfaces: rnd-subnet
security_groups:
- name: openwide
description: Allow all traffic
security_groups_rules:
- security_group: openwide
protocol: tcp
remote_ip_prefix: 0.0.0.0/0
servers:
- name: docker-registry
image: cirros-0.3.4-x86_64-uec
key_name: bootstrap-key
flavor: m1.tiny
security_groups: openwide
network: rnd-net
- name: bootstrap-keypair
keypairs:
- name: bootstrap-key
public_key_file: /home/ubuntu/.ssh/id_rsa.pub
clouds:
- name: awesomecloud
profiles:
- admin-clouds
- bootstrap-keypair
- name: yaycloud-ops
oscc_cloud: yaycloud-opsuser
profiles:
- bootstrap-keypair
- ops
- name: yaycloud-qa
oscc_cloud: yaycloud-qauser
profiles:
- bootstrap-keypair
- qa
- name: yaycloud-rnd
oscc_cloud: yaycloud-rnduser
profiles:
- bootstrap-keypair
- rnd

3
roles/setup_openstack_resources/defaults/main.yml
View File

@ -1,3 +0,0 @@
---
os_client_config_cloud: envvars
os_validate_certs: no

53
roles/setup_openstack_resources/tasks/main.yml
View File

@ -1,53 +0,0 @@
---
- name: Create keypairs
os_keypair:
state: present
cloud: "{{ item.os_client_config_cloud | default(os_client_config_cloud) }}"
name: "{{ item.name | default(key_name) }}"
public_key: "{{ item.public_key | default(omit) }}"
public_key_file: "{{ item.public_key_file | default(omit) }}"
validate_certs: "{{ os_validate_certs }}"
with_items: keypairs
- name: Create instances
os_server:
state: present
cloud: "{{ item.os_client_config_cloud | default(os_client_config_cloud) }}"
name: "{{ item.name }}.{{ domainname }}"
image: "{{ item.image }}"
key_name: "{{ key_name }}"
timeout: 200
flavor: "{{ item.flavor }}"
nics:
- net-name: "{{ item.net_name }}"
security_groups: "{{ item.security_groups }}"
auto_floating_ip: yes
meta:
group: infra
infra_type: "{{ item.infra_type }}"
validate_certs: "{{ os_validate_certs }}"
with_items: infra_servers
- name: Create volumes
os_volume:
state: present
cloud: "{{ item.os_client_config_cloud | default(os_client_config_cloud) }}"
display_name: "{{ item.1.name }}"
size: "{{ item.1.size }}"
validate_certs: "{{ os_validate_certs }}"
with_subelements:
- infra_servers
- volumes
- { skip_missing: yes }
- name: Attach volumes
os_server_volume:
state: present
cloud: "{{ item.os_client_config_cloud | default(os_client_config_cloud) }}"
server: "{{ item.0.name }}.{{ domainname }}"
volume: "{{ item.1.name }}"
validate_certs: "{{ os_validate_certs }}"
with_subelements:
- infra_servers
- volumes
- { skip_missing: yes }

2
run.sh
View File

@ -1,3 +1,3 @@
#!/bin/bash
ansible-playbook -i hosts setup_openstack_resources.yml -e "@infra_config.yml"
ansible-playbook -i hosts setup_openstack_resources.yml -e "@resources.yml"
ansible-playbook -i inventory/openstack.py site.yml -e "@infra_config.yml"

3
setup_env.sh
View File

@ -40,6 +40,9 @@ if [[ ! -d inventory ]]; then
mkdir inventory
fi
# Install roles dependencies from requirements.yml
ansible-galaxy install -r requirements.yml
# Install Ansible openstack inventory
wget https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/openstack.py -O inventory/openstack.py
chmod +x inventory/openstack.py

2
setup_openstack_resources.yml
View File

@ -3,4 +3,4 @@
- hosts: localhost
connection: local
roles:
- { role: setup_openstack_resources }
- { role: cloud_launcher }

3
tox.ini
View File

@ -14,4 +14,5 @@ deps = -r{toxinidir}/requirements.txt
changedir = {toxinidir}
commands =
/usr/bin/wget -N https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/openstack.py
/bin/bash -c "/usr/bin/find -maxdepth 1 -name '*.yml' ! -name 'infra_config.yml'| /usr/bin/xargs -n1 ansible-playbook --syntax-check --list-tasks -i hosts"
ansible-galaxy install -r requirements.yml
/bin/bash -c "/usr/bin/find -maxdepth 1 -name '*.yml' ! -name 'infra_config.yml' ! -name 'requirements.yml' | /usr/bin/xargs -n1 ansible-playbook --syntax-check --list-tasks -i hosts"