diff --git a/.gitignore b/.gitignore index 50c32d086..9e643f78d 100644 --- a/.gitignore +++ b/.gitignore @@ -55,6 +55,9 @@ ansible/roles/mrlesmithjr.manage-lvm/ ansible/roles/MichaelRigart.interfaces/ ansible/roles/stackhpc.drac/ ansible/roles/stackhpc.drac-facts/ +ansible/roles/stackhpc.os-openstackclient/ +ansible/roles/stackhpc.os-projects/ +ansible/roles/stackhpc.os-shade/ ansible/roles/resmo.ntp/ ansible/roles/yatesr.timezone/ diff --git a/ansible/compute-node-flavors.yml b/ansible/compute-node-flavors.yml index e3fe038ad..deec58987 100644 --- a/ansible/compute-node-flavors.yml +++ b/ansible/compute-node-flavors.yml @@ -10,8 +10,8 @@ venv: "{{ ansible_env.PWD }}/shade-venv" flavor_base_name: baremetal- roles: - - role: openstackclient - openstackclient_venv: "{{ venv }}" + - role: stackhpc.os-openstackclient + os_openstackclient_venv: "{{ venv }}" tasks: - name: Get a list of ironic nodes diff --git a/ansible/compute-node-provide.yml b/ansible/compute-node-provide.yml index d0f04d753..8c71e9479 100644 --- a/ansible/compute-node-provide.yml +++ b/ansible/compute-node-provide.yml @@ -8,8 +8,8 @@ vars: venv: "{{ ansible_env.PWD }}/shade-venv" roles: - - role: openstackclient - openstackclient_venv: "{{ venv }}" + - role: stackhpc.os-openstackclient + os_openstackclient_venv: "{{ venv }}" tasks: - name: Get a list of ironic nodes shell: > diff --git a/ansible/overcloud-introspection-rules.yml b/ansible/overcloud-introspection-rules.yml index a4df75f88..946ae7ac2 100644 --- a/ansible/overcloud-introspection-rules.yml +++ b/ansible/overcloud-introspection-rules.yml @@ -19,8 +19,8 @@ - config-validation roles: - - role: openstackclient - openstackclient_venv: "{{ venv }}" + - role: stackhpc.os-openstackclient + os_openstackclient_venv: "{{ venv }}" - name: Ensure introspection rules are registered in Ironic Inspector # Only required to run on a single host. diff --git a/ansible/requirements.yml b/ansible/requirements.yml index 94e8a3f28..c0b4e2ac1 100644 --- a/ansible/requirements.yml +++ b/ansible/requirements.yml @@ -10,4 +10,5 @@ - src: resmo.ntp - src: stackhpc.drac - src: stackhpc.drac-facts +- src: stackhpc.os-projects - src: yatesr.timezone diff --git a/ansible/roles/ipa-images/meta/main.yml b/ansible/roles/ipa-images/meta/main.yml index d30e6bdf5..c75c01c42 100644 --- a/ansible/roles/ipa-images/meta/main.yml +++ b/ansible/roles/ipa-images/meta/main.yml @@ -1,4 +1,4 @@ --- dependencies: - - role: shade - shade_venv: "{{ ipa_images_venv }}" + - role: stackhpc.os-shade + os_shade_venv: "{{ ipa_images_venv }}" diff --git a/ansible/roles/ironic-inspector-rules/meta/main.yml b/ansible/roles/ironic-inspector-rules/meta/main.yml index b3c8684f5..9dbaa448b 100644 --- a/ansible/roles/ironic-inspector-rules/meta/main.yml +++ b/ansible/roles/ironic-inspector-rules/meta/main.yml @@ -1,4 +1,4 @@ --- dependencies: - - role: shade - shade_venv: "{{ ironic_inspector_venv }}" + - role: stackhpc.os-shade + os_shade_venv: "{{ ironic_inspector_venv }}" diff --git a/ansible/roles/neutron-net/meta/main.yml b/ansible/roles/neutron-net/meta/main.yml index 1814cdad8..d38acc41c 100644 --- a/ansible/roles/neutron-net/meta/main.yml +++ b/ansible/roles/neutron-net/meta/main.yml @@ -1,4 +1,4 @@ --- dependencies: - - role: shade - shade_venv: "{{ neutron_net_venv }}" + - role: stackhpc.os-shade + os_shade_venv: "{{ neutron_net_venv }}" diff --git a/ansible/roles/nova-flavors/meta/main.yml b/ansible/roles/nova-flavors/meta/main.yml index 9a918dafb..6b8be6954 100644 --- a/ansible/roles/nova-flavors/meta/main.yml +++ b/ansible/roles/nova-flavors/meta/main.yml @@ -1,4 +1,4 @@ --- dependencies: - - role: shade - shade_venv: "{{ nova_flavors_venv }}" + - role: stackhpc.os-shade + os_shade_venv: "{{ nova_flavors_venv }}" diff --git a/ansible/roles/openstackclient/defaults/main.yml b/ansible/roles/openstackclient/defaults/main.yml deleted file mode 100644 index 0918fa36a..000000000 --- a/ansible/roles/openstackclient/defaults/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -# Path to a directory in which to create a virtualenv. -openstackclient_venv: diff --git a/ansible/roles/openstackclient/tasks/main.yml b/ansible/roles/openstackclient/tasks/main.yml deleted file mode 100644 index 46812df8b..000000000 --- a/ansible/roles/openstackclient/tasks/main.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -- name: Ensure EPEL repo is installed - yum: - name: epel-release - state: installed - become: True - -- name: Ensure required packages are installed - yum: - name: "{{ item }}" - state: installed - become: True - with_items: - - gcc - - libffi-devel - - openssl-devel - - python-devel - - python-pip - - python-virtualenv - -- name: Ensure the latest version of pip is installed - pip: - name: "{{ item.name }}" - state: latest - virtualenv: "{{ openstackclient_venv }}" - with_items: - - { name: pip } - -- name: Ensure required Python packages are installed - pip: - name: "{{ item.name }}" - version: "{{ item.version | default(omit) }}" - state: present - virtualenv: "{{ openstackclient_venv }}" - with_items: - - name: python-openstackclient diff --git a/ansible/roles/projects/defaults/main.yml b/ansible/roles/projects/defaults/main.yml deleted file mode 100644 index 6f93ac6d6..000000000 --- a/ansible/roles/projects/defaults/main.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- -# Path to a directory in which to create a virtualenv. -projects_venv: - -# Authentication type as used by os_* modules' 'auth_type' argument. -projects_auth_type: - -# Authentication options for admin as used by os_* modules' 'auth' argument. -projects_admin_auth: {} - -# Environment variables for use with os_* modules. -projects_environment: - OS_IDENTITY_API_VERSION: 3 - -# List of projects to create. -# Each item should be a dict containing the following items: -# 'name': The name of the project. -# 'description': A description of the project. -# 'project_domain': The domain in which to register the project. -# 'user_domain': The domain in which to register users. -# 'users': List of users to register. Each user should be a dict containing -# the following items: -# 'name': The name of the user. -# 'password': The user's password. -# 'roles': A list of roles to assign to the user. -# 'openrc_file': Path to an environment file to create. -# 'keypairs': List of SSH key pairs to register with Nova. Each key pair -# should be a dict containing the following items: -# 'name': The name of the keypair. -# 'public_key': The SSH public key contents. Optional. -# 'public_key_file': Path to the SSH public key on the control -# host. -# 'quotas': Dict mapping quota names to their values. -projects: [] diff --git a/ansible/roles/projects/meta/main.yml b/ansible/roles/projects/meta/main.yml deleted file mode 100644 index 4d347d44f..000000000 --- a/ansible/roles/projects/meta/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -dependencies: - - role: shade - shade_venv: "{{ projects_venv }}" - - - role: openstackclient - openstackclient_venv: "{{ projects_venv }}" diff --git a/ansible/roles/projects/tasks/main.yml b/ansible/roles/projects/tasks/main.yml deleted file mode 100644 index 985840cf2..000000000 --- a/ansible/roles/projects/tasks/main.yml +++ /dev/null @@ -1,115 +0,0 @@ ---- -- name: Set a fact to ensure Ansible uses the python interpreter in the virtualenv - set_fact: - ansible_python_interpreter: "{{ projects_venv }}/bin/python" - -- name: Ensure the test project exists - os_project: - auth_type: "{{ projects_auth_type }}" - auth: "{{ projects_admin_auth }}" - name: "{{ item.name }}" - description: "{{ item.description }}" - domain_id: "{{ item.project_domain }}" - state: present - enabled: True - wait: yes - with_items: "{{ projects }}" - environment: "{{ projects_environment }}" - -- name: Ensure test project users exist - os_user: - auth_type: "{{ projects_auth_type }}" - auth: "{{ projects_admin_auth }}" - name: "{{ item.1.name }}" - password: "{{ item.1.password }}" - default_project: "{{ item.0.name }}" - domain: "{{ item.0.project_domain }}" - state: present - enabled: True - wait: yes - with_subelements: - - "{{ projects }}" - - users - environment: "{{ projects_environment }}" - -- name: Initiliase a fact containing flattened user roles - set_fact: - projects_user_roles: [] - -- name: Update a fact containing flattened user roles - set_fact: - projects_user_roles: > - {{ projects_user_roles + - [{'project': item.0.name, - 'name': item.1.name, - 'roles': item.1.roles}] }} - with_subelements: - - "{{ projects }}" - - users - -- name: Ensure test project users have required roles - os_user_role: - auth_type: "{{ projects_auth_type }}" - auth: "{{ projects_admin_auth }}" - user: "{{ item.0.name }}" - project: "{{ item.0.project }}" - role: "{{ item.1 }}" - state: present - with_subelements: - - "{{ projects_user_roles }}" - - roles - environment: "{{ projects_environment }}" - -- name: Ensure SSH keypairs are registered - os_keypair: - auth_type: "{{ projects_auth_type }}" - auth: "{{ projects_admin_auth | combine(projects_user_auth_overrides) }}" - name: "{{ item.1.name }}" - public_key_file: "{{ item.1.public_key_file | default(omit) }}" - public_key: "{{ item.1.public_key | default(omit) }}" - state: present - with_subelements: - - "{{ projects }}" - - keypairs - environment: "{{ projects_environment }}" - vars: - # Authentication option overrides for non-admin user as used by os_* - # modules' 'auth' argument. - projects_user_auth_overrides: - project_domain_name: "{{ item.0.project_domain }}" - user_domain_name: "{{ item.0.user_domain }}" - project_name: "{{ item.0.name }}" - username: "{{ item.0.users[0].name }}" - password: "{{ item.0.users[0].password }}" - -# This variable is unset before we set it, and it does not appear to be -# possible to unset a variable in Ansible. -- name: Set a fact to reset the Ansible python interpreter - set_fact: - ansible_python_interpreter: /usr/bin/python - -# The os_quota module is not available in Ansible 2.2. It will be added in -# Ansible 2.3, at which point we should use it here. -- name: Ensure quotas are set - shell: > - source {{ projects_venv }}/bin/activate && - openstack - {% for auth_name, auth_value in projects_admin_auth.items() %} - --os-{{ auth_name | replace('_', '-') }}='{{ auth_value }}' - {% endfor %} - quota set {{ item.name }} - {% for name, value in item.quotas.items() %} --{{ name | replace('_', '-') }}={{ value }}{% endfor %} - when: "{{ item.quotas }}" - with_items: "{{ projects }}" - environment: "{{ projects_environment }}" - -- name: Ensure openrc environment file exists - local_action: - module: template - src: openrc.j2 - dest: "{{ item.1.openrc_file }}" - mode: 0600 - with_subelements: - - "{{ projects }}" - - users - when: "{{ item.openrc_file is defined }}" diff --git a/ansible/roles/projects/templates/openrc.j2 b/ansible/roles/projects/templates/openrc.j2 deleted file mode 100644 index 74b7020ca..000000000 --- a/ansible/roles/projects/templates/openrc.j2 +++ /dev/null @@ -1,17 +0,0 @@ -# {{ ansible_managed }} -# This is an openrc environment file for OpenStack user {{ item.1.name }} in -# project {{ item.0.name }}. -{% set projects_user_auth_overrides = { - "project_domain_name": "{{ item.0.project_domain }}", - "user_domain_name": "{{ item.0.user_domain }}", - "project_name": "{{ item.0.name }}", - "username": "{{ item.1.name }}", - "password": "{{ item.1.password }}", -} %} -{% set projects_auth = projects_admin_auth | combine(projects_user_auth_overrides) %} -{% for name, value in projects_auth.items() %} -export OS_{{ name | upper }}={{ value }} -{% endfor %} -{% for name, value in projects_environment.items() %} -export {{ name }}={{ value }} -{% endfor %} diff --git a/ansible/roles/shade/defaults/main.yml b/ansible/roles/shade/defaults/main.yml deleted file mode 100644 index 612ccf520..000000000 --- a/ansible/roles/shade/defaults/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -# Path to a directory in which to create a virtualenv. -shade_venv: diff --git a/ansible/roles/shade/tasks/main.yml b/ansible/roles/shade/tasks/main.yml deleted file mode 100644 index 51fa9b3c0..000000000 --- a/ansible/roles/shade/tasks/main.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -- name: Ensure EPEL repo is installed - yum: - name: epel-release - state: installed - become: True - -- name: Ensure required packages are installed - yum: - name: "{{ item }}" - state: installed - become: True - with_items: - - gcc - - libffi-devel - - openssl-devel - - python-devel - - python-pip - - python-virtualenv - -- name: Ensure the latest version of pip is installed - pip: - name: "{{ item.name }}" - state: latest - virtualenv: "{{ shade_venv }}" - with_items: - - { name: pip } - -- name: Ensure required Python packages are installed - pip: - name: "{{ item.name }}" - version: "{{ item.version | default(omit) }}" - state: present - virtualenv: "{{ shade_venv }}" - with_items: - - name: shade diff --git a/ansible/test-image-centos-cloud.yml b/ansible/test-image-centos-cloud.yml index f153a16a1..28e019fe6 100644 --- a/ansible/test-image-centos-cloud.yml +++ b/ansible/test-image-centos-cloud.yml @@ -2,9 +2,9 @@ - name: Ensure CentOS cloud image is registered with Glance hosts: controllers[0] vars: - shade_venv: "{{ ansible_env['PWD'] }}/shade-venv" + os_shade_venv: "{{ ansible_env['PWD'] }}/shade-venv" roles: - - role: shade + - role: stackhpc.os-shade tasks: - name: Ensure image download directory exists file: @@ -20,7 +20,7 @@ # evaluate the Jinja variable reference, so we use set_fact. - name: Update the Ansible python interpreter fact to point to the shade virtualenv set_fact: - ansible_python_interpreter: "{{ shade_venv }}/bin/python" + ansible_python_interpreter: "{{ os_shade_venv }}/bin/python" - name: Ensure test deployment image is registered with Glance os_image: diff --git a/ansible/test-image.yml b/ansible/test-image.yml index cefa3639f..9aa6ee97d 100644 --- a/ansible/test-image.yml +++ b/ansible/test-image.yml @@ -16,9 +16,9 @@ - grub2 image_extra_elements: [] image_elements: "{{ image_base_elements + (image_whole_disk_elements if image_is_whole_disk|bool else image_partition_elements) + image_extra_elements }}" - shade_venv: "{{ ansible_env['PWD'] }}/shade-venv" + os_shade_venv: "{{ ansible_env['PWD'] }}/shade-venv" roles: - - role: shade + - role: stackhpc.os-shade tasks: - name: Ensure diskimage-builder package is installed yum: @@ -49,7 +49,7 @@ # evaluate the Jinja variable reference, so we use set_fact. - name: Update the Ansible python interpreter fact to point to the shade virtualenv set_fact: - ansible_python_interpreter: "{{ shade_venv }}/bin/python" + ansible_python_interpreter: "{{ os_shade_venv }}/bin/python" - name: Ensure test deployment ramdisk and kernel images are registered with Glance os_image: diff --git a/ansible/test-keypair.yml b/ansible/test-keypair.yml index ab986acde..dd74edbbb 100644 --- a/ansible/test-keypair.yml +++ b/ansible/test-keypair.yml @@ -3,15 +3,15 @@ hosts: controllers[0] vars: public_key_path: "{{ ssh_public_key_path }}" - shade_venv: "{{ ansible_env['PWD'] }}/shade-venv" + os_shade_venv: "{{ ansible_env['PWD'] }}/shade-venv" roles: - - role: shade + - role: stackhpc.os-shade tasks: # Note that setting this via a play or task variable seems to not # evaluate the Jinja variable reference, so we use set_fact. - name: Update the Ansible python interpreter fact to point to the shade virtualenv set_fact: - ansible_python_interpreter: "{{ shade_venv }}/bin/python" + ansible_python_interpreter: "{{ os_shade_venv }}/bin/python" - name: Ensure a test SSH key pair is registered with Nova os_keypair: diff --git a/ansible/test-project.yml b/ansible/test-project.yml index 45dffb6e1..66c63086b 100644 --- a/ansible/test-project.yml +++ b/ansible/test-project.yml @@ -48,11 +48,11 @@ register: ssh_public_key roles: - - role: projects - projects_venv: "{{ venv }}" - projects_auth_type: "{{ openstack_auth_type }}" - projects_admin_auth: "{{ openstack_auth }}" - projects: + - role: stackhpc.os-projects + os_projects_venv: "{{ venv }}" + os_projects_auth_type: "{{ openstack_auth_type }}" + os_projects_admin_auth: "{{ openstack_auth }}" + os_projects: - name: test-project description: Kayobe test project project_domain: default