3a47ee875d
When doing the role upgrade, we run every playbook with current's branch ansible. This is normal for the infrastructure bits (which are running on current branch), but not for the installation of the previous branch's role, which should use previous branch's environment. Depends-On: I7ebb045885dd645b820de2b7f75b46c755c015f6 Change-Id: I5fbf34688b8930d47cbb36866fe2436ce143ee00 Related-Bug: #1741471
103 lines
3.5 KiB
YAML
103 lines
3.5 KiB
YAML
---
|
|
# Copyright 2016, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- include: common/setting-nodepool-variables.yml
|
|
|
|
# Ensure the repo is setup for previous version
|
|
- include: common/previous/test-repo-setup.yml
|
|
|
|
- name: Make /lib/modules accessible on neutron_agent containers
|
|
hosts: neutron_agent
|
|
user: root
|
|
become: true
|
|
gather_facts: true
|
|
tasks:
|
|
- name: Use the unconfined aa profile
|
|
lxc_container:
|
|
name: "{{ container_name }}"
|
|
container_config:
|
|
- "lxc.aa_profile=unconfined"
|
|
delegate_to: "{{ physical_host }}"
|
|
|
|
- name: Set mount path for kernel modules (Ubuntu)
|
|
set_fact:
|
|
kernel_module_path: "lib/modules"
|
|
when: ansible_pkg_mgr == 'apt'
|
|
|
|
- name: Set mount path for kernel modules (CentOS)
|
|
set_fact:
|
|
kernel_module_path: "usr/lib/modules"
|
|
when: ansible_pkg_mgr in ['yum', 'dnf']
|
|
|
|
- name: Neutron extra lxc config
|
|
lxc_container:
|
|
name: "{{ container_name }}"
|
|
container_command: |
|
|
[[ ! -d "/{{ kernel_module_path }}" ]] && mkdir -p "/{{ kernel_module_path }}"
|
|
container_config:
|
|
- "lxc.cgroup.devices.allow=a *:* rmw"
|
|
- "lxc.mount.entry=/{{ kernel_module_path }} {{ kernel_module_path }} none bind 0 0"
|
|
delegate_to: "{{ physical_host }}"
|
|
|
|
- name: Wait for ssh to be available
|
|
local_action:
|
|
module: wait_for
|
|
port: "{{ ansible_port | default('22') }}"
|
|
host: "{{ ansible_host | default(inventory_hostname) }}"
|
|
search_regex: OpenSSH
|
|
delay: 1
|
|
- name: Ensure presence of iptables inside the agent before running the role
|
|
package:
|
|
name: iptables
|
|
state: present
|
|
|
|
- name: Add iptables rule for communication w/ metadata agent
|
|
command: /sbin/iptables -t mangle -A POSTROUTING -p tcp --sport 80 -j CHECKSUM --checksum-fill
|
|
|
|
- name: Deploy neutron
|
|
hosts: neutron_all
|
|
user: root
|
|
gather_facts: true
|
|
pre_tasks:
|
|
# NOTE: These are typically installed in the repo server where we build the
|
|
# neutron wheel
|
|
- name: Install packages required to build neutron python package (Ubuntu)
|
|
apt:
|
|
name: "{{ item }}"
|
|
with_items:
|
|
- libffi-dev
|
|
when:
|
|
- inventory_hostname in groups['neutron_all']
|
|
- ansible_pkg_mgr == 'apt'
|
|
- name: Install packages required to build neutron python package (CentOS)
|
|
yum:
|
|
name: "{{ item }}"
|
|
with_items:
|
|
- libffi-devel
|
|
when:
|
|
- inventory_hostname in groups['neutron_all']
|
|
- ansible_pkg_mgr in ['yum', 'dnf']
|
|
- include: common/ensure-rabbitmq.yml
|
|
vhost_name: "{{ neutron_rabbitmq_vhost }}"
|
|
user_name: "{{ neutron_rabbitmq_userid }}"
|
|
user_password: "{{ neutron_rabbitmq_password }}"
|
|
- include: common/create-grant-db.yml
|
|
db_name: "{{ neutron_galera_database }}"
|
|
db_password: "{{ neutron_container_mysql_password }}"
|
|
roles:
|
|
- role: "os_previous_neutron"
|
|
vars_files:
|
|
- common/previous/test-vars.yml
|