81f6bda4c0
In order to reduce the packages required to pip install on to the hosts, we allow the service setup to be delegated to a specific host, defaulting to the deploy host. 1. We no longer need tempest_requires_pip_packages, so it is removed. 2. The openstack_openrc role is executed in the playbook, so we do not need it as a meta-dep any more. 3. All uses of our custom keystone module have been replaced with standard Ansible modules. 4. Using the service delegation model, it makes no sense to run the resource creation on all hosts, so we use run_once instead. 5. Given that we're using developer mode for master integrated builds, and pip.conf is present, we need to use the CLI to create the virtualenv so that we can use the '--never-download' option. Change-Id: I572db645b64a4a0ac6255bc36eaac1be13336989
276 lines
9.7 KiB
YAML
276 lines
9.7 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# We set the python interpreter to the ansible runtime venv if
|
|
# the delegation is to localhost so that we get access to the
|
|
# appropriate python libraries in that venv. If the delegation
|
|
# is to another host, we assume that it is accessible by the
|
|
# system python instead.
|
|
- name: Setup the tempest resources
|
|
delegate_to: "{{ tempest_service_setup_host }}"
|
|
vars:
|
|
ansible_python_interpreter: >-
|
|
{{ (tempest_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_python['executable']) }}
|
|
block:
|
|
- name: Ensures you have at least one image to upload
|
|
assert:
|
|
that:
|
|
- "tempest_images | length > 0"
|
|
when:
|
|
- tempest_service_available_glance | bool
|
|
|
|
- name: Create deployment-host tempest_image_dir
|
|
file:
|
|
path: "{{ tempest_image_dir }}"
|
|
state: directory
|
|
mode: "0750"
|
|
owner: "{{ tempest_image_dir_owner }}"
|
|
recurse: yes
|
|
become: yes
|
|
when:
|
|
- tempest_service_available_glance | bool
|
|
|
|
- name: Image(s) download
|
|
get_url:
|
|
url: "{{ item.url }}"
|
|
dest: "{{ tempest_image_dir }}/"
|
|
checksum: "{{ item.checksum | default(omit) }}"
|
|
with_items: "{{ tempest_images }}"
|
|
when:
|
|
- tempest_service_available_glance | bool
|
|
register: fetch_url
|
|
until: fetch_url is success
|
|
retries: 6
|
|
delay: 5
|
|
|
|
- name: Upload tempest images to glance
|
|
os_image:
|
|
cloud: default
|
|
interface: internal
|
|
validate_certs: "{{ not (keystone_service_internaluri_insecure | bool) }}"
|
|
name: "{{ item.name | default(item.url | basename) }}"
|
|
filename: "{{ tempest_image_dir }}/{{ item.url | basename }}"
|
|
container_format: bare
|
|
disk_format: "{{ item.format }}"
|
|
is_public: True
|
|
with_items: "{{ tempest_images }}"
|
|
register: tempest_image_create
|
|
until: tempest_image_create is success
|
|
retries: 5
|
|
delay: 15
|
|
when:
|
|
- tempest_service_available_glance | bool
|
|
|
|
# These facts are used in tempest.conf.j2; we set an empty string if it is not
|
|
# set above to ensure the template will parse correctly.
|
|
- name: Store first tempest image id
|
|
set_fact:
|
|
tempest_glance_image_id_1: "{{ tempest_service_available_glance | ternary(tempest_image_create['results'][0]['id'], '') }}"
|
|
tempest_glance_image_id_2: "{{ tempest_service_available_glance | ternary(tempest_image_create['results'][-1]['id'], '') }}"
|
|
|
|
- name: Add tempest projects
|
|
os_project:
|
|
cloud: default
|
|
state: present
|
|
name: "{{ item }}"
|
|
description: "{{ item }} project"
|
|
domain_id: "default"
|
|
interface: internal
|
|
verify: "{{ not (keystone_service_internaluri_insecure | bool) }}"
|
|
register: add_project
|
|
until: add_project is success
|
|
retries: 5
|
|
delay: 10
|
|
with_items: "{{ tempest_projects }}"
|
|
|
|
- name: Add tempest users
|
|
os_user:
|
|
cloud: default
|
|
state: present
|
|
name: "{{ item.name }}"
|
|
password: "{{ item.password | default(item.name) }}"
|
|
domain: default
|
|
default_project: "{{ item.project | default(item.name) }}"
|
|
interface: internal
|
|
verify: "{{ not (keystone_service_internaluri_insecure | bool) }}"
|
|
register: add_user
|
|
until: add_user is success
|
|
retries: 5
|
|
delay: 10
|
|
with_items: "{{ tempest_users }}"
|
|
no_log: True
|
|
|
|
- name: Add tempest roles
|
|
os_keystone_role:
|
|
cloud: default
|
|
interface: internal
|
|
validate_certs: "{{ not (keystone_service_internaluri_insecure | bool) }}"
|
|
name: "{{ item }}"
|
|
register: add_role
|
|
until: add_role is success
|
|
retries: 5
|
|
delay: 10
|
|
with_items: "{{ tempest_roles }}"
|
|
|
|
- name: Add tempest users to heat_stack_owner role
|
|
os_user_role:
|
|
cloud: default
|
|
state: present
|
|
user: "{{ item.name }}"
|
|
role: "heat_stack_owner"
|
|
project: "{{ item.project | default(item.name) }}"
|
|
interface: internal
|
|
verify: "{{ not (keystone_service_internaluri_insecure | bool) }}"
|
|
register: add_user_role
|
|
until: add_user_role is success
|
|
retries: 5
|
|
delay: 10
|
|
with_items: "{{ tempest_users }}"
|
|
when:
|
|
- tempest_service_available_heat | bool
|
|
|
|
- name: Store demo tenant id
|
|
set_fact:
|
|
keystone_demo_tenant_id: "{{ (add_project.results | json_query('[*].project.id'))[0] }}"
|
|
|
|
- name: Ensure private network exists
|
|
os_network:
|
|
cloud: default
|
|
endpoint_type: internal
|
|
validate_certs: "{{ keystone_service_internaluri_insecure | ternary(false, true) }}"
|
|
name: "{{ tempest_private_net_name }}"
|
|
provider_network_type: "{{ tempest_private_net_provider_type }}"
|
|
provider_segmentation_id: "{{ tempest_private_net_seg_id | default(omit) }}"
|
|
project: "{{ keystone_demo_tenant_id }}"
|
|
register: tempest_private_network
|
|
until: tempest_private_network is success
|
|
retries: 5
|
|
delay: 10
|
|
when:
|
|
- tempest_service_available_neutron | bool
|
|
|
|
- name: Store neutron private network id
|
|
set_fact:
|
|
tempest_neutron_private_network_id: "{{ tempest_private_network.id }}"
|
|
when:
|
|
- tempest_service_available_neutron | bool
|
|
|
|
- name: Ensure public network exists
|
|
os_network:
|
|
cloud: default
|
|
endpoint_type: internal
|
|
validate_certs: "{{ keystone_service_internaluri_insecure | ternary(false, true) }}"
|
|
name: "{{ tempest_public_net_name }}"
|
|
provider_network_type: "{{ tempest_public_net_provider_type }}"
|
|
provider_physical_network: "{{ tempest_public_net_physical_type | default(omit) }}"
|
|
provider_segmentation_id: "{{ tempest_public_net_seg_id | default(omit) }}"
|
|
external: "{{ tempest_public_router_external }}"
|
|
project: "{{ keystone_demo_tenant_id }}"
|
|
register: tempest_public_network
|
|
until: tempest_public_network is success
|
|
retries: 5
|
|
delay: 10
|
|
when:
|
|
- tempest_service_available_neutron | bool
|
|
|
|
- name: Store neutron public network id
|
|
set_fact:
|
|
tempest_neutron_public_network_id: "{{ tempest_service_available_neutron | ternary(tempest_public_network.id, '') }}"
|
|
|
|
- name: Ensure private subnet exists
|
|
os_subnet:
|
|
cloud: default
|
|
endpoint_type: internal
|
|
validate_certs: "{{ keystone_service_internaluri_insecure | ternary(false, true) }}"
|
|
network_name: "{{ tempest_private_net_name }}"
|
|
name: "{{ tempest_private_subnet_name }}"
|
|
cidr: "{{ tempest_private_subnet_cidr }}"
|
|
project: "{{ keystone_demo_tenant_id }}"
|
|
register: _add_private_subnet
|
|
until: _add_private_subnet is success
|
|
retries: 5
|
|
delay: 10
|
|
when:
|
|
- tempest_service_available_neutron | bool
|
|
|
|
- name: Ensure public subnet exists
|
|
os_subnet:
|
|
cloud: default
|
|
endpoint_type: internal
|
|
validate_certs: "{{ keystone_service_internaluri_insecure | ternary(false, true) }}"
|
|
network_name: "{{ tempest_public_net_name }}"
|
|
name: "{{ tempest_public_subnet_name }}"
|
|
cidr: "{{ tempest_public_subnet_cidr }}"
|
|
allocation_pool_start: "{{ tempest_public_subnet_allocation_pools.split('-')[0] | default(omit) }}"
|
|
allocation_pool_end: "{{ tempest_public_subnet_allocation_pools.split('-')[1] | default(omit) }}"
|
|
gateway_ip: "{{ tempest_public_subnet_gateway_ip | default(omit) }}"
|
|
register: _add_public_subnet
|
|
until: _add_public_subnet is success
|
|
retries: 5
|
|
delay: 10
|
|
when:
|
|
- tempest_service_available_neutron | bool
|
|
|
|
- name: Create router
|
|
os_router:
|
|
cloud: default
|
|
endpoint_type: internal
|
|
validate_certs: "{{ keystone_service_internaluri_insecure | ternary(false, true) }}"
|
|
name: router
|
|
network: "{{ tempest_public_net_name }}"
|
|
interfaces:
|
|
- "{{ tempest_private_subnet_name }}"
|
|
project: "{{ keystone_demo_tenant_id }}"
|
|
register: _add_router
|
|
until: _add_router is success
|
|
retries: 5
|
|
delay: 10
|
|
when:
|
|
- tempest_service_available_neutron | bool
|
|
|
|
- name: Create tempest flavors
|
|
os_nova_flavor:
|
|
cloud: default
|
|
endpoint_type: internal
|
|
validate_certs: "{{ keystone_service_internaluri_insecure | ternary(false, true) }}"
|
|
name: "{{ item.name }}"
|
|
flavorid: "{{ item.id }}"
|
|
ram: "{{ item.ram }}"
|
|
disk: "{{ item.disk }}"
|
|
vcpus: "{{ item.vcpus }}"
|
|
with_items: "{{ tempest_flavors }}"
|
|
register: _add_flavors
|
|
until: _add_flavors is success
|
|
retries: 5
|
|
delay: 10
|
|
when:
|
|
- tempest_service_available_nova | bool
|
|
|
|
- name: Get the admin user project id
|
|
os_project_facts:
|
|
cloud: default
|
|
name: admin
|
|
interface: internal
|
|
validate_certs: "{{ not (keystone_service_internaluri_insecure | bool) }}"
|
|
register: _get_admin_project
|
|
until: _get_admin_project is success
|
|
retries: 5
|
|
delay: 15
|
|
|
|
- name: Store admin project id
|
|
set_fact:
|
|
tempest_admin_tenant_id: "{{ ansible_facts.openstack_projects[0].id }}"
|
|
|