Add ability to generate keypair on-the-fly

This change adds a flag 'generate_keypair' that makes the
role generate an SSH keypair and create an OpenStack keypair from
it, so that all the servers of the play have that key baked in.
The folder, key type and key length are also configurable.

Change-Id: Iccbec24e9834c1fa03da8add94e069f622024537
Ricardo Carrillo Cruz 2016-06-21 18:54:38 +00:00
parent 0622bb8088
commit adc37970ab
5 changed files with 186 additions and 80 deletions


@ -1,3 +1,7 @@
---
os_client_config_cloud: envvars
os_validate_certs: no
generate_keypair: no
generate_keypair_folder: /tmp
generate_keypair_key_type: rsa
generate_keypair_key_bits: 2048
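Review bot: The default `generate_keypair_folder: /tmp` puts the generated private key in a shared, world-writable directory under a time-derived name (`launch-<epoch>`, set in tasks/create_servers.yml), and nothing in the commit removes it after the play. A per-user default such as `generate_keypair_folder: "{{ lookup('env', 'HOME') }}/.ssh"` would keep the key out of a directory that other local users can list and pre-create files in. The four new variables would also benefit from a one-line comment each, for example `# Directory where the generated private and public key files are written`.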


@ -361,76 +361,4 @@
tags:
- volumes
- name: Create per-cloud servers for {{ item_cloud.name }}
os_server:
cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}"
state: "{{ item.state|default(omit) }}"
name: "{{ item.name }}"
image: "{{ item.image }}"
auto_ip: "{{ item.auto_ip|default(omit) }}"
boot_from_volume: "{{ item.boot_from_volume|default(omit) }}"
boot_volume: "{{ item.boot_volume|default(omit) }}"
config_drive: "{{ item.config_drive|default(omit) }}"
flavor: "{{ item.flavor|default(omit) }}"
flavor_include: "{{ item.flavor_include|default(omit) }}"
flavor_ram: "{{ item.flavor_ram|default(omit) }}"
floating_ip_pools: "{{ item.floating_ip_pools|default(omit) }}"
floating_ips: "{{ item.floating_ips|default(omit) }}"
image_exclude: "{{ item.image_exclude|default(omit) }}"
key: "{{ item.key|default(omit) }}"
key_name: "{{ item.key_name|default(omit) }}"
meta: "{{ item.meta|default(omit) }}"
network: "{{ item.network|default(omit) }}"
nics: "{{ item.nics|default(omit) }}"
scheduler_hints: "{{ item.scheduler_hints|default(omit) }}"
security_groups: "{{ item.security_groups|default(omit) }}"
terminate_volume: "{{ item.terminate_volume|default(omit) }}"
userdata: "{{ item.userdata|default(omit) }}"
volume_size: "{{ item.volume_size|default(omit) }}"
volumes: "{{ item.volumes|default(omit) }}"
with_items: "{{ item_cloud.servers|default([]) }}"
tags:
- servers
register: os_server_result
- add_host: name={{ item.server.name }} groups=cl_servers_just_created ansible_ssh_host={{ item.server.public_v4 }}
with_items: "{{ os_server_result.results }}"
- name: Create profiles servers for {{ item_cloud.name }}
os_server:
cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}"
state: "{{ item.1.state|default(omit) }}"
name: "{{ item.1.name }}"
image: "{{ item.1.image }}"
auto_ip: "{{ item.1.auto_ip|default(omit) }}"
boot_from_volume: "{{ item.1.boot_from_volume|default(omit) }}"
boot_volume: "{{ item.1.boot_volume|default(omit) }}"
config_drive: "{{ item.1.config_drive|default(omit) }}"
flavor: "{{ item.1.flavor|default(omit) }}"
flavor_include: "{{ item.1.flavor_include|default(omit) }}"
flavor_ram: "{{ item.1.flavor_ram|default(omit) }}"
floating_ip_pools: "{{ item.1.floating_ip_pools|default(omit) }}"
floating_ips: "{{ item.1.floating_ips|default(omit) }}"
image_exclude: "{{ item.1.image_exclude|default(omit) }}"
key: "{{ item.1.key|default(omit) }}"
key_name: "{{ item.1.key_name|default(omit) }}"
meta: "{{ item.1.meta|default(omit) }}"
network: "{{ item.1.network|default(omit) }}"
nics: "{{ item.1.nics|default(omit) }}"
scheduler_hints: "{{ item.1.scheduler_hints|default(omit) }}"
security_groups: "{{ item.1.security_groups|default(omit) }}"
terminate_volume: "{{ item.1.terminate_volume|default(omit) }}"
userdata: "{{ item.1.userdata|default(omit) }}"
volume_size: "{{ item.1.volume_size|default(omit) }}"
volumes: "{{ item.1.volumes|default(omit) }}"
with_subelements:
- "{{ profiles|default([]) }}"
- servers
- { skip_missing: yes }
when: "{{ item_cloud.profiles is defined and item.0.name in item_cloud.profiles }}"
tags:
- servers
register: os_server_result
- add_host: name={{ item.server.name }} groups=cl_servers_just_created ansible_ssh_host={{ item.server.public_v4 }}
with_items: "{{ os_server_result.results }}"
- include: create_servers.yml
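Review bot: The new `- include: create_servers.yml` line carries no `tags`, while the two `os_server` tasks it replaces were tagged `servers`. Depending on whether the Ansible version in use processes this include statically or dynamically, a run limited with `--tags servers` may skip the include itself and never reach the tagged tasks inside it. Putting `tags: [servers]` on the include keeps that selection working either way, and also covers the keypair tasks that the server tasks now depend on.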

168
tasks/create_servers.yml Normal file

@ -0,0 +1,168 @@
---
- block:
- name: Generate keypair name
set_fact: cl_generated_keypair_name=launch-{{ lookup('pipe', "date +'%s'") }}
- name: Generate SSH keys
shell: ssh-keygen -t "{{ generate_keypair_key_type }}" -b "{{ generate_keypair_key_bits }}" -N '' -f "{{ generate_keypair_folder }}"/"{{ cl_generated_keypair_name }}"
- name: Store public key filename path
set_fact: cl_generated_keypair_public_key_filename={{ generate_keypair_folder}}/{{ cl_generated_keypair_name }}.pub
- name: Store private key filename path
set_fact: cl_generated_keypair_private_key_filename={{ generate_keypair_folder}}/{{ cl_generated_keypair_name }}
- name: Create OpenStack keypair {{ cl_generated_keypair_name }}
os_keypair:
cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}"
state: present
name: "{{ cl_generated_keypair_name }}"
public_key_file: "{{ cl_generated_keypair_public_key_filename }}"
- name: Create per-cloud servers for {{ item_cloud.name }}
os_server:
cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}"
state: "{{ item.state|default(omit) }}"
name: "{{ item.name }}"
image: "{{ item.image }}"
auto_ip: "{{ item.auto_ip|default(omit) }}"
boot_from_volume: "{{ item.boot_from_volume|default(omit) }}"
boot_volume: "{{ item.boot_volume|default(omit) }}"
config_drive: "{{ item.config_drive|default(omit) }}"
flavor: "{{ item.flavor|default(omit) }}"
flavor_include: "{{ item.flavor_include|default(omit) }}"
flavor_ram: "{{ item.flavor_ram|default(omit) }}"
floating_ip_pools: "{{ item.floating_ip_pools|default(omit) }}"
floating_ips: "{{ item.floating_ips|default(omit) }}"
image_exclude: "{{ item.image_exclude|default(omit) }}"
key: "{{ item.key|default(omit) }}"
key_name: "{{ cl_generated_keypair_name }}"
meta: "{{ item.meta|default(omit) }}"
network: "{{ item.network|default(omit) }}"
nics: "{{ item.nics|default(omit) }}"
scheduler_hints: "{{ item.scheduler_hints|default(omit) }}"
security_groups: "{{ item.security_groups|default(omit) }}"
terminate_volume: "{{ item.terminate_volume|default(omit) }}"
userdata: "{{ item.userdata|default(omit) }}"
volume_size: "{{ item.volume_size|default(omit) }}"
volumes: "{{ item.volumes|default(omit) }}"
with_items: "{{ item_cloud.servers|default([]) }}"
tags:
- servers
register: os_server_result
- add_host: name={{ item.server.name }} groups=cl_servers_just_created ansible_ssh_host={{ item.server.public_v4 }}
with_items: "{{ os_server_result.results }}"
- name: Create profiles servers for {{ item_cloud.name }}
os_server:
cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}"
state: "{{ item.1.state|default(omit) }}"
name: "{{ item.1.name }}"
image: "{{ item.1.image }}"
auto_ip: "{{ item.1.auto_ip|default(omit) }}"
boot_from_volume: "{{ item.1.boot_from_volume|default(omit) }}"
boot_volume: "{{ item.1.boot_volume|default(omit) }}"
config_drive: "{{ item.1.config_drive|default(omit) }}"
flavor: "{{ item.1.flavor|default(omit) }}"
flavor_include: "{{ item.1.flavor_include|default(omit) }}"
flavor_ram: "{{ item.1.flavor_ram|default(omit) }}"
floating_ip_pools: "{{ item.1.floating_ip_pools|default(omit) }}"
floating_ips: "{{ item.1.floating_ips|default(omit) }}"
image_exclude: "{{ item.1.image_exclude|default(omit) }}"
key: "{{ item.1.key|default(omit) }}"
key_name: "{{ cl_generated_keypair_name }}"
meta: "{{ item.1.meta|default(omit) }}"
network: "{{ item.1.network|default(omit) }}"
nics: "{{ item.1.nics|default(omit) }}"
scheduler_hints: "{{ item.1.scheduler_hints|default(omit) }}"
security_groups: "{{ item.1.security_groups|default(omit) }}"
terminate_volume: "{{ item.1.terminate_volume|default(omit) }}"
userdata: "{{ item.1.userdata|default(omit) }}"
volume_size: "{{ item.1.volume_size|default(omit) }}"
volumes: "{{ item.1.volumes|default(omit) }}"
with_subelements:
- "{{ profiles|default([]) }}"
- servers
- { skip_missing: yes }
when: "{{ item_cloud.profiles is defined and item.0.name in item_cloud.profiles }}"
tags:
- servers
register: os_server_result
- add_host: name={{ item.server.name }} groups=cl_servers_just_created ansible_ssh_host={{ item.server.public_v4 }}
with_items: "{{ os_server_result.results }}"
when: generate_keypair|bool
- block:
- name: Create per-cloud servers for {{ item_cloud.name }}
os_server:
cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}"
state: "{{ item.state|default(omit) }}"
name: "{{ item.name }}"
image: "{{ item.image }}"
auto_ip: "{{ item.auto_ip|default(omit) }}"
boot_from_volume: "{{ item.boot_from_volume|default(omit) }}"
boot_volume: "{{ item.boot_volume|default(omit) }}"
config_drive: "{{ item.config_drive|default(omit) }}"
flavor: "{{ item.flavor|default(omit) }}"
flavor_include: "{{ item.flavor_include|default(omit) }}"
flavor_ram: "{{ item.flavor_ram|default(omit) }}"
floating_ip_pools: "{{ item.floating_ip_pools|default(omit) }}"
floating_ips: "{{ item.floating_ips|default(omit) }}"
image_exclude: "{{ item.image_exclude|default(omit) }}"
key: "{{ item.key|default(omit) }}"
key_name: "{{ item.key_name|default(omit) }}"
meta: "{{ item.meta|default(omit) }}"
network: "{{ item.network|default(omit) }}"
nics: "{{ item.nics|default(omit) }}"
scheduler_hints: "{{ item.scheduler_hints|default(omit) }}"
security_groups: "{{ item.security_groups|default(omit) }}"
terminate_volume: "{{ item.terminate_volume|default(omit) }}"
userdata: "{{ item.userdata|default(omit) }}"
volume_size: "{{ item.volume_size|default(omit) }}"
volumes: "{{ item.volumes|default(omit) }}"
with_items: "{{ item_cloud.servers|default([]) }}"
tags:
- servers
register: os_server_result
- add_host: name={{ item.server.name }} groups=cl_servers_just_created ansible_ssh_host={{ item.server.public_v4 }}
with_items: "{{ os_server_result.results }}"
- name: Create profiles servers for {{ item_cloud.name }}
os_server:
cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}"
state: "{{ item.1.state|default(omit) }}"
name: "{{ item.1.name }}"
image: "{{ item.1.image }}"
auto_ip: "{{ item.1.auto_ip|default(omit) }}"
boot_from_volume: "{{ item.1.boot_from_volume|default(omit) }}"
boot_volume: "{{ item.1.boot_volume|default(omit) }}"
config_drive: "{{ item.1.config_drive|default(omit) }}"
flavor: "{{ item.1.flavor|default(omit) }}"
flavor_include: "{{ item.1.flavor_include|default(omit) }}"
flavor_ram: "{{ item.1.flavor_ram|default(omit) }}"
floating_ip_pools: "{{ item.1.floating_ip_pools|default(omit) }}"
floating_ips: "{{ item.1.floating_ips|default(omit) }}"
image_exclude: "{{ item.1.image_exclude|default(omit) }}"
key: "{{ item.1.key|default(omit) }}"
key_name: "{{ item.1.key_name|default(omit) }}"
meta: "{{ item.1.meta|default(omit) }}"
network: "{{ item.1.network|default(omit) }}"
nics: "{{ item.1.nics|default(omit) }}"
scheduler_hints: "{{ item.1.scheduler_hints|default(omit) }}"
security_groups: "{{ item.1.security_groups|default(omit) }}"
terminate_volume: "{{ item.1.terminate_volume|default(omit) }}"
userdata: "{{ item.1.userdata|default(omit) }}"
volume_size: "{{ item.1.volume_size|default(omit) }}"
volumes: "{{ item.1.volumes|default(omit) }}"
with_subelements:
- "{{ profiles|default([]) }}"
- servers
- { skip_missing: yes }
when: "{{ item_cloud.profiles is defined and item.0.name in item_cloud.profiles }}"
tags:
- servers
register: os_server_result
- add_host: name={{ item.server.name }} groups=cl_servers_just_created ansible_ssh_host={{ item.server.public_v4 }}
with_items: "{{ os_server_result.results }}"
when: not generate_keypair|bool
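Review bot: The `Generate SSH keys` task runs `ssh-keygen` through `shell:` with role variables interpolated into the command line, so whitespace or shell metacharacters in `generate_keypair_folder` or the other values are interpreted by the shell. The `command:` module with the `quote` filter avoids that, e.g. `command: ssh-keygen -t {{ generate_keypair_key_type|quote }} -b {{ generate_keypair_key_bits|quote }} -N '' -f {{ (generate_keypair_folder ~ '/' ~ cl_generated_keypair_name)|quote }}`. The key is created without a passphrase, and because its name comes from `date +%s`, every run leaves another private key file and another OpenStack keypair behind; nothing in this file removes either, so a cleanup task or a documented retention note is worth adding. The two blocks also differ only in `key_name`, so a single copy using `key_name: "{{ cl_generated_keypair_name|default(item.key_name|default(omit)) }}"` would avoid keeping four near-identical `os_server` tasks in sync.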


@ -22,43 +22,49 @@
post_tasks:
- name: Querying for test_domain domain
shell: openstack --os-cloud devstack-admin domain show test_domain
command: openstack --os-cloud devstack-admin domain show test_domain
register: result
changed_when: False
- name: Assert test_domain domain has been created
assert: { that: result.rc == 0 }
- name: Querying for test_project project
shell: openstack --os-cloud devstack-admin project show test_project --domain test_domain
command: openstack --os-cloud devstack-admin project show test_project --domain test_domain
register: result
changed_when: False
- name: Assert test_project project has been created
assert: { that: result.rc == 0 }
- name: Querying for test_user user
shell: openstack --os-cloud devstack-admin user show test_user --domain test_domain
command: openstack --os-cloud devstack-admin user show test_user --domain test_domain
register: result
changed_when: False
- name: Assert test_user user has been created
assert: { that: result.rc == 0 }
- name: Querying for test_server_a server
shell: openstack --os-cloud devstack-admin server show test_server_a
command: openstack --os-cloud devstack-admin server show test_server_a
register: result
changed_when: False
- name: Assert test-server-a server has been created
assert: { that: result.rc == 0 }
- name: Querying for test_server_b server
shell: openstack --os-cloud devstack server show test_server_b
command: openstack --os-cloud devstack server show test_server_b
register: result
changed_when: False
- name: Assert test_server_a server has been created
assert: { that: result.rc == 0 }
- name: Querying for test_network network
shell: openstack --os-cloud devstack network show test_network
command: openstack --os-cloud devstack network show test_network
register: result
changed_when: False
- name: Assert test-network network has been created
assert: { that: result.rc == 0 }
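Review bot: None of the post_tasks in this hunk check the feature the commit adds; they only switch the existing queries from `shell:` to `command:` and mark them `changed_when: False`. A query such as `command: openstack --os-cloud devstack keypair list` with an assert that a `launch-` name appears in `result.stdout`, plus a `stat` on the generated key files, would cover the `generate_keypair` path. Whether the play above line 22 sets `generate_keypair` at all is not visible from this hunk, so the new branch may currently go unexercised by the test run.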


@ -38,7 +38,7 @@ commands =
# PEP8 Lint Check
flake8
# Ansible Lint Check
bash -c "find . -type f -regex '.*.y[a]?ml' -print0 | xargs -t -n1 -0 \
bash -c "find . -type f -regex '.*.y[a]?ml' ! -path './.tox/*' -print0 | xargs -t -n1 -0 \
ansible-lint"
# Ansible Syntax Check
bash -c "find tests -type f -regex '.*.y[a]?ml' ! -name 'resources.yml' \