Cleanup/standardize common tasks
All of the common tasks shared across all of the playbooks have been moved into "playbooks/common-tasks" as singular task files which are simply included as needed. * This change will assist developers adding additional playbooks, roles, etc which may need access to common tasks. * This change will guarantee consistency between playbooks when executing common tasks which are generally used to setup services. * This change greatly reduces code duplication across all plays. * The common-task files have comments at the top for developer instructions on how a task file can be used. Change-Id: I399211c139d6388ab56b97b809f93d4936907c7a Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit is contained in:
parent
54555431af
commit
91deb13ec2
36
playbooks/common-tasks/mysql-db-user.yml
Normal file
36
playbooks/common-tasks/mysql-db-user.yml
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
---
|
||||||
|
# Copyright 2016, Rackspace US, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
- name: Create DB for service
|
||||||
|
mysql_db:
|
||||||
|
login_user: "{{ galera_root_user }}"
|
||||||
|
login_password: "{{ galera_root_password }}"
|
||||||
|
login_host: "{{ login_host }}"
|
||||||
|
name: "{{ db_name }}"
|
||||||
|
state: "present"
|
||||||
|
delegate_to: "{{ groups['galera_all'][0] }}"
|
||||||
|
|
||||||
|
- name: Grant access to the DB for the service
|
||||||
|
mysql_user:
|
||||||
|
login_user: "{{ galera_root_user }}"
|
||||||
|
login_password: "{{ galera_root_password }}"
|
||||||
|
login_host: "{{ login_host }}"
|
||||||
|
name: "{{ user_name }}"
|
||||||
|
password: "{{ password }}"
|
||||||
|
host: "{{ item }}"
|
||||||
|
state: "present"
|
||||||
|
priv: "{{ db_name }}.*:ALL"
|
||||||
|
delegate_to: "{{ groups['galera_all'][0] }}"
|
||||||
|
with_items: "{{ grant_list | default(['localhost', '%']) }}"
|
42
playbooks/common-tasks/os-log-dir-setup.yml
Normal file
42
playbooks/common-tasks/os-log-dir-setup.yml
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
---
|
||||||
|
# Copyright 2016, Rackspace US, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
# Usage:
|
||||||
|
# This common task is used to create log directories and links
|
||||||
|
# if the "log_dirs" list is passed. "log_dirs" must be used
|
||||||
|
# containing at least one dictionary with the keys "dest" and
|
||||||
|
# "src". Optionally the "owner" and "group" can be provided as well.
|
||||||
|
# * dest = destination
|
||||||
|
# * src = source
|
||||||
|
# * owner = user
|
||||||
|
# * group = group
|
||||||
|
|
||||||
|
- name: Create log dir
|
||||||
|
file:
|
||||||
|
path: "{{ item.src }}"
|
||||||
|
state: directory
|
||||||
|
with_items: "{{ log_dirs }}"
|
||||||
|
when: is_metal | bool
|
||||||
|
|
||||||
|
- name: Create log aggregation links
|
||||||
|
file:
|
||||||
|
src: "{{ item.src }}"
|
||||||
|
dest: "{{ item.dest }}"
|
||||||
|
owner: "{{ item.owner|default(omit) }}"
|
||||||
|
group: "{{ item.group|default(omit) }}"
|
||||||
|
state: "link"
|
||||||
|
force: "yes"
|
||||||
|
with_items: "{{ log_dirs }}"
|
||||||
|
when: is_metal | bool
|
89
playbooks/common-tasks/os-lxc-container-setup.yml
Normal file
89
playbooks/common-tasks/os-lxc-container-setup.yml
Normal file
@ -0,0 +1,89 @@
|
|||||||
|
---
|
||||||
|
# Copyright 2016, Rackspace US, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
# Usage:
|
||||||
|
# This common task will update lxc containers to use the lxc-openstack
|
||||||
|
# app-armor profile by default however this profile can be changed as needed.
|
||||||
|
|
||||||
|
# This will also load in a list of bind mounts for a given container. To load
|
||||||
|
# in a list of bind mounts the variable, "list_of_bind_mounts" must be used
|
||||||
|
# containing at least one dictionary with the keys "bind_dir_path",
|
||||||
|
# "relative_bind_dir_path", and "mount_path".
|
||||||
|
# * bind_dir_path = Container path used in a bind mount
|
||||||
|
# * mount_path = Local path on the physical host used for a bind mount
|
||||||
|
|
||||||
|
# If extra container configurations are desirable set the
|
||||||
|
# "extra_container_config" list to strings containing the options needed.
|
||||||
|
|
||||||
|
- name: Set the LXC app-armor profile
|
||||||
|
lxc_container:
|
||||||
|
name: "{{ inventory_hostname }}"
|
||||||
|
container_config:
|
||||||
|
- "lxc.aa_profile={{ aa_profile | default('lxc-openstack') }}"
|
||||||
|
delegate_to: "{{ physical_host }}"
|
||||||
|
when:
|
||||||
|
- not is_metal | bool
|
||||||
|
register: _cp
|
||||||
|
|
||||||
|
- name: Ensure mount directories exists
|
||||||
|
file:
|
||||||
|
path: "{{ item['mount_path'] }}"
|
||||||
|
state: "directory"
|
||||||
|
with_items: "{{ list_of_bind_mounts | default([]) }}"
|
||||||
|
delegate_to: "{{ physical_host }}"
|
||||||
|
when:
|
||||||
|
- list_of_bind_mounts is defined
|
||||||
|
- not is_metal | bool
|
||||||
|
|
||||||
|
- name: LXC Directory bind mount
|
||||||
|
lxc_container:
|
||||||
|
name: "{{ inventory_hostname }}"
|
||||||
|
container_command: |
|
||||||
|
[[ ! -d "{{ item['bind_dir_path'] }}" ]] && mkdir -p "{{ item['bind_dir_path'] }}"
|
||||||
|
container_config:
|
||||||
|
- "lxc.mount.entry={{ item['mount_path'] }} {{ item['bind_dir_path'].lstrip('/') }} none bind 0 0"
|
||||||
|
with_items: "{{ list_of_bind_mounts | default([]) }}"
|
||||||
|
delegate_to: "{{ physical_host }}"
|
||||||
|
register: _bm
|
||||||
|
when:
|
||||||
|
- list_of_bind_mounts is defined
|
||||||
|
- not is_metal | bool
|
||||||
|
|
||||||
|
- name: Extra lxc config
|
||||||
|
lxc_container:
|
||||||
|
name: "{{ inventory_hostname }}"
|
||||||
|
container_config: "{{ extra_container_config }}"
|
||||||
|
delegate_to: "{{ physical_host }}"
|
||||||
|
when:
|
||||||
|
- extra_container_config is defined
|
||||||
|
- not is_metal | bool
|
||||||
|
register: _ec
|
||||||
|
|
||||||
|
- name: Wait for container ssh
|
||||||
|
wait_for:
|
||||||
|
port: "22"
|
||||||
|
delay: "{{ ssh_delay }}"
|
||||||
|
search_regex: "OpenSSH"
|
||||||
|
host: "{{ ansible_ssh_host }}"
|
||||||
|
delegate_to: "{{ physical_host }}"
|
||||||
|
when:
|
||||||
|
- >
|
||||||
|
(_cp is defined and _cp | changed) or
|
||||||
|
(_bm is defined and _bm | changed) or
|
||||||
|
(_ec is defined and _ec | changed)
|
||||||
|
- not is_metal | bool
|
||||||
|
register: ssh_wait_check
|
||||||
|
until: ssh_wait_check | success
|
||||||
|
retries: 3
|
33
playbooks/common-tasks/rabbitmq-servers-sort.yml
Normal file
33
playbooks/common-tasks/rabbitmq-servers-sort.yml
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
---
|
||||||
|
# Copyright 2016, Rackspace US, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
# Usage:
|
||||||
|
# To use this common task the variable "sort_group_name" needs to be set
|
||||||
|
# This common task will set a fact for "rabbitmq_servers" upon completion.
|
||||||
|
|
||||||
|
- name: Sort the rabbitmq servers
|
||||||
|
dist_sort:
|
||||||
|
value_to_lookup: "{{ container_name }}"
|
||||||
|
ref_list: "{{ groups[sort_group_name] }}"
|
||||||
|
src_list: "{{ rabbitmq_servers }}"
|
||||||
|
register: servers
|
||||||
|
tags:
|
||||||
|
- always
|
||||||
|
|
||||||
|
- name: Set rabbitmq servers
|
||||||
|
set_fact:
|
||||||
|
rabbitmq_servers: "{{ servers.sorted_list }}"
|
||||||
|
tags:
|
||||||
|
- always
|
36
playbooks/common-tasks/rabbitmq-vhost-user.yml
Normal file
36
playbooks/common-tasks/rabbitmq-vhost-user.yml
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
---
|
||||||
|
# Copyright 2016, Rackspace US, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
# Usage:
|
||||||
|
# To use this common task to create rabbitmq virtual hosts if needed
|
||||||
|
# and to create a user within rabbitmq. To use this common task the
|
||||||
|
# variables "vhost", "user", and "password" must be set.
|
||||||
|
|
||||||
|
- name: Ensure Rabbitmq vhost
|
||||||
|
rabbitmq_vhost:
|
||||||
|
name: "{{ vhost }}"
|
||||||
|
state: "present"
|
||||||
|
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
||||||
|
|
||||||
|
- name: Ensure rabbitmq user
|
||||||
|
rabbitmq_user:
|
||||||
|
user: "{{ user }}"
|
||||||
|
password: "{{ password }}"
|
||||||
|
vhost: "{{ vhost }}"
|
||||||
|
configure_priv: ".*"
|
||||||
|
read_priv: ".*"
|
||||||
|
write_priv: ".*"
|
||||||
|
state: "present"
|
||||||
|
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
@ -19,40 +19,11 @@
|
|||||||
gather_facts: "{{ gather_facts | default(True) }}"
|
gather_facts: "{{ gather_facts | default(True) }}"
|
||||||
user: root
|
user: root
|
||||||
tasks:
|
tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
list_of_bind_mounts:
|
||||||
container_config:
|
- bind_dir_path: "/var/lib/mysql"
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
mount_path: "/openstack/{{ inventory_hostname }}"
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: not is_metal | bool
|
|
||||||
register: container_config
|
|
||||||
tags:
|
|
||||||
- lxc-aa-profile
|
|
||||||
- name: Galera extra lxc config
|
|
||||||
lxc_container:
|
|
||||||
name: "{{ container_name }}"
|
|
||||||
container_command: |
|
|
||||||
[[ ! -d "/var/lib/mysql" ]] && mkdir -p "/var/lib/mysql"
|
|
||||||
container_config:
|
|
||||||
- "lxc.mount.entry=/openstack/{{ container_name }} var/lib/mysql none bind 0 0"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: not is_metal | bool
|
|
||||||
register: container_extra_config
|
|
||||||
tags:
|
|
||||||
- galera-mysql-dir
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: >
|
|
||||||
(container_config is defined and container_config | changed) or
|
|
||||||
(container_extra_config is defined and container_extra_config | changed)
|
|
||||||
tags:
|
|
||||||
- galera-ssh-wait
|
|
||||||
vars:
|
vars:
|
||||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||||
tags:
|
tags:
|
||||||
|
@ -19,31 +19,12 @@
|
|||||||
max_fail_percentage: 0
|
max_fail_percentage: 0
|
||||||
user: root
|
user: root
|
||||||
tasks:
|
tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
lxc_container:
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
name: "{{ container_name }}"
|
vars:
|
||||||
container_config:
|
log_dirs:
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
- src: "/openstack/log/{{ inventory_hostname }}-haproxy"
|
||||||
delegate_to: "{{ physical_host }}"
|
dest: "/var/log/haproxy"
|
||||||
when: not is_metal | bool
|
|
||||||
register: container_config
|
|
||||||
tags:
|
|
||||||
- lxc-aa-profile
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when:
|
|
||||||
- container_config is defined
|
|
||||||
- container_config | changed
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
vars:
|
vars:
|
||||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
is_metal: "{{ properties.is_metal|default(false) }}"
|
||||||
tags:
|
tags:
|
||||||
@ -73,26 +54,6 @@
|
|||||||
when: internal_lb_vip_address == external_lb_vip_address
|
when: internal_lb_vip_address == external_lb_vip_address
|
||||||
tags:
|
tags:
|
||||||
- haproxy-service-config
|
- haproxy-service-config
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- { path: "/openstack/log/{{ inventory_hostname }}-haproxy" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- haproxy-logs
|
|
||||||
- name: Create log aggregation links
|
|
||||||
file:
|
|
||||||
src: "{{ item.src }}"
|
|
||||||
dest: "{{ item.dest }}"
|
|
||||||
state: "{{ item.state }}"
|
|
||||||
force: "yes"
|
|
||||||
with_items:
|
|
||||||
- { src: "/openstack/log/{{ inventory_hostname }}-haproxy", dest: "/var/log/haproxy", state: "link" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- haproxy-logs
|
|
||||||
- name: Remove legacy haproxy logging file
|
- name: Remove legacy haproxy logging file
|
||||||
file:
|
file:
|
||||||
dest: "/etc/rsyslog.d/haproxy.conf"
|
dest: "/etc/rsyslog.d/haproxy.conf"
|
||||||
|
@ -19,49 +19,12 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
lxc_container:
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
name: "{{ container_name }}"
|
vars:
|
||||||
container_config:
|
log_dirs:
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
- src: "/openstack/log/{{ inventory_hostname }}-memcached"
|
||||||
delegate_to: "{{ physical_host }}"
|
dest: "/var/log/memcached"
|
||||||
when: not is_metal | bool
|
|
||||||
register: container_config
|
|
||||||
tags:
|
|
||||||
- lxc-aa-profile
|
|
||||||
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: container_config is defined and container_config | changed
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
|
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "/openstack/log/{{ inventory_hostname }}-memcached"
|
|
||||||
state: directory
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- memcached-logs
|
|
||||||
- memcached-log-dirs
|
|
||||||
|
|
||||||
- name: Create log aggregation links
|
|
||||||
file:
|
|
||||||
src: "/openstack/log/{{ inventory_hostname }}-memcached"
|
|
||||||
dest: "/var/log/memcached"
|
|
||||||
state: "link"
|
|
||||||
force: "yes"
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- memcached-logs
|
|
||||||
roles:
|
roles:
|
||||||
- { role: "memcached_server", tags: [ "memcached-server" ] }
|
- { role: "memcached_server", tags: [ "memcached-server" ] }
|
||||||
- role: "system_crontab_coordination"
|
- role: "system_crontab_coordination"
|
||||||
|
@ -19,107 +19,30 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/rabbitmq-servers-sort.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
sort_group_name: "aodh_all"
|
||||||
container_config:
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
- include: common-tasks/rabbitmq-vhost-user.yml
|
||||||
register: container_config
|
vars:
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: not is_metal | bool
|
|
||||||
tags:
|
|
||||||
- lxc-aa-profile
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: container_config is defined and container_config | changed
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
- name: Sort the rabbitmq servers
|
|
||||||
dist_sort:
|
|
||||||
value_to_lookup: "{{ container_name }}"
|
|
||||||
ref_list: "{{ groups['aodh_all'] }}"
|
|
||||||
src_list: "{{ rabbitmq_servers }}"
|
|
||||||
register: servers
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Set rabbitmq servers
|
|
||||||
set_fact:
|
|
||||||
rabbitmq_servers: "{{ servers.sorted_list }}"
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- { path: "/openstack/log/{{ inventory_hostname }}-aodh" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- aodh-logs
|
|
||||||
- aodh-log-dirs
|
|
||||||
- name: Ensure Rabbitmq vhost
|
|
||||||
rabbitmq_vhost:
|
|
||||||
name: "{{ aodh_rabbitmq_vhost }}"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
|
||||||
- inventory_hostname == groups['aodh_api'][0]
|
|
||||||
- groups['rabbitmq_all']|length > 0
|
|
||||||
tags:
|
|
||||||
- aodh-rabbitmq
|
|
||||||
- aodh-rabbitmq-vhost
|
|
||||||
- name: Ensure rabbitmq user
|
|
||||||
rabbitmq_user:
|
|
||||||
user: "{{ aodh_rabbitmq_userid }}"
|
user: "{{ aodh_rabbitmq_userid }}"
|
||||||
password: "{{ aodh_rabbitmq_password }}"
|
password: "{{ aodh_rabbitmq_password }}"
|
||||||
vhost: "{{ aodh_rabbitmq_vhost }}"
|
vhost: "{{ aodh_rabbitmq_vhost }}"
|
||||||
configure_priv: ".*"
|
|
||||||
read_priv: ".*"
|
|
||||||
write_priv: ".*"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == groups['aodh_api'][0]
|
- inventory_hostname == groups['aodh_api'][0]
|
||||||
- groups['rabbitmq_all']|length > 0
|
- groups['rabbitmq_all'] | length > 0
|
||||||
tags:
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
- aodh-rabbitmq
|
vars:
|
||||||
- aodh-rabbitmq-user
|
log_dirs:
|
||||||
- name: Create DB for service
|
- src: "/openstack/log/{{ inventory_hostname }}-aodh"
|
||||||
mysql_db:
|
dest: "/var/log/aodh"
|
||||||
login_user: "{{ galera_root_user }}"
|
- include: common-tasks/mysql-db-user.yml
|
||||||
login_password: "{{ galera_root_password }}"
|
vars:
|
||||||
login_host: "{{ aodh_galera_address }}"
|
user_name: "{{ aodh_galera_user }}"
|
||||||
name: "{{ aodh_galera_database }}"
|
|
||||||
state: "present"
|
|
||||||
when: inventory_hostname == groups['aodh_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Grant access to the DB for the service
|
|
||||||
mysql_user:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ aodh_galera_address }}"
|
|
||||||
name: "{{ aodh_galera_user }}"
|
|
||||||
password: "{{ aodh_container_db_password }}"
|
password: "{{ aodh_container_db_password }}"
|
||||||
host: "{{ item }}"
|
login_host: "{{ aodh_galera_address }}"
|
||||||
state: "present"
|
db_name: "{{ aodh_galera_database }}"
|
||||||
priv: "{{ aodh_galera_database }}.*:ALL"
|
|
||||||
when: inventory_hostname == groups['aodh_all'][0]
|
when: inventory_hostname == groups['aodh_all'][0]
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
with_items:
|
|
||||||
- "localhost"
|
|
||||||
- "%"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
roles:
|
roles:
|
||||||
- role: "os_aodh"
|
- role: "os_aodh"
|
||||||
aodh_venv_tag: "{{ openstack_release }}"
|
aodh_venv_tag: "{{ openstack_release }}"
|
||||||
|
@ -19,86 +19,23 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/rabbitmq-servers-sort.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
sort_group_name: "ceilometer_all"
|
||||||
container_config:
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
- include: common-tasks/rabbitmq-vhost-user.yml
|
||||||
delegate_to: "{{ physical_host }}"
|
vars:
|
||||||
when: not is_metal | bool
|
|
||||||
register: container_config
|
|
||||||
tags:
|
|
||||||
- lxc-aa-profile
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: container_config is defined and container_config | changed
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
- name: Sort the rabbitmq servers
|
|
||||||
dist_sort:
|
|
||||||
value_to_lookup: "{{ container_name }}"
|
|
||||||
ref_list: "{{ groups['ceilometer_all'] }}"
|
|
||||||
src_list: "{{ rabbitmq_servers }}"
|
|
||||||
register: servers
|
|
||||||
- name: Set rabbitmq servers
|
|
||||||
set_fact:
|
|
||||||
rabbitmq_servers: "{{ servers.sorted_list }}"
|
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- { path: "/openstack/log/{{ inventory_hostname }}-ceilometer" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- ceilometer-logs
|
|
||||||
- ceilometer-log-dirs
|
|
||||||
- name: Create log aggregation links
|
|
||||||
file:
|
|
||||||
src: "{{ item.src }}"
|
|
||||||
dest: "{{ item.dest }}"
|
|
||||||
state: "{{ item.state }}"
|
|
||||||
force: "yes"
|
|
||||||
with_items:
|
|
||||||
- { src: "/openstack/log/{{ inventory_hostname }}-ceilometer", dest: "/var/log/ceilometer", state: "link" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- ceilometer-logs
|
|
||||||
- name: Ensure Rabbitmq vhost
|
|
||||||
rabbitmq_vhost:
|
|
||||||
name: "{{ ceilometer_rabbitmq_vhost }}"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
|
||||||
- inventory_hostname == groups['ceilometer_api'][0]
|
|
||||||
- groups['rabbitmq_all']|length > 0
|
|
||||||
tags:
|
|
||||||
- ceilometer-rabbitmq
|
|
||||||
- ceilometer-rabbitmq-vhost
|
|
||||||
- name: Ensure rabbitmq user
|
|
||||||
rabbitmq_user:
|
|
||||||
user: "{{ ceilometer_rabbitmq_userid }}"
|
user: "{{ ceilometer_rabbitmq_userid }}"
|
||||||
password: "{{ ceilometer_rabbitmq_password }}"
|
password: "{{ ceilometer_rabbitmq_password }}"
|
||||||
vhost: "{{ ceilometer_rabbitmq_vhost }}"
|
vhost: "{{ ceilometer_rabbitmq_vhost }}"
|
||||||
configure_priv: ".*"
|
|
||||||
read_priv: ".*"
|
|
||||||
write_priv: ".*"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == groups['ceilometer_api'][0]
|
- inventory_hostname == groups['ceilometer_api'][0]
|
||||||
- groups['rabbitmq_all']|length > 0
|
- groups['rabbitmq_all'] | length > 0
|
||||||
tags:
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
- ceilometer-rabbitmq
|
vars:
|
||||||
- ceilometer-rabbitmq-user
|
log_dirs:
|
||||||
|
- src: "/openstack/log/{{ inventory_hostname }}-ceilometer"
|
||||||
|
dest: "/var/log/ceilometer"
|
||||||
roles:
|
roles:
|
||||||
- role: "os_ceilometer"
|
- role: "os_ceilometer"
|
||||||
ceilometer_venv_tag: "{{ openstack_release }}"
|
ceilometer_venv_tag: "{{ openstack_release }}"
|
||||||
|
@ -19,18 +19,43 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/rabbitmq-servers-sort.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
sort_group_name: "cinder_all"
|
||||||
container_config:
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
- "lxc.aa_profile=unconfined"
|
vars:
|
||||||
delegate_to: "{{ physical_host }}"
|
aa_profile: "unconfined"
|
||||||
register: container_config
|
extra_container_config:
|
||||||
when: >
|
- "lxc.autodev=0"
|
||||||
not is_metal | bool and
|
- "lxc.cgroup.devices.allow=a *:* rmw"
|
||||||
inventory_hostname in groups['cinder_volume']
|
- "lxc.mount.entry=udev dev devtmpfs defaults 0 0"
|
||||||
tags:
|
when:
|
||||||
- lxc-aa-profile
|
- inventory_hostname in groups['cinder_volume']
|
||||||
|
- cinder_backend_lvm_inuse | bool
|
||||||
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
|
when:
|
||||||
|
- inventory_hostname not in groups['cinder_volume']
|
||||||
|
- include: common-tasks/rabbitmq-vhost-user.yml
|
||||||
|
vars:
|
||||||
|
user: "{{ cinder_rabbitmq_userid }}"
|
||||||
|
password: "{{ cinder_rabbitmq_password }}"
|
||||||
|
vhost: "{{ cinder_rabbitmq_vhost }}"
|
||||||
|
when:
|
||||||
|
- inventory_hostname == groups['cinder_all'][0]
|
||||||
|
- groups['rabbitmq_all'] | length > 0
|
||||||
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
|
vars:
|
||||||
|
log_dirs:
|
||||||
|
- src: "/openstack/log/{{ inventory_hostname }}-cinder"
|
||||||
|
dest: "/var/log/cinder"
|
||||||
|
- include: common-tasks/mysql-db-user.yml
|
||||||
|
vars:
|
||||||
|
user_name: "{{ cinder_galera_user }}"
|
||||||
|
password: "{{ cinder_container_mysql_password }}"
|
||||||
|
login_host: "{{ cinder_galera_address }}"
|
||||||
|
db_name: "{{ cinder_galera_database }}"
|
||||||
|
when: inventory_hostname == groups['cinder_all'][0]
|
||||||
|
|
||||||
- name: Add volume group block device to cinder
|
- name: Add volume group block device to cinder
|
||||||
shell: |
|
shell: |
|
||||||
{% if item.value.volume_group is defined %}
|
{% if item.value.volume_group is defined %}
|
||||||
@ -43,135 +68,18 @@
|
|||||||
echo "{{ item.key }} volume_group not defined"
|
echo "{{ item.key }} volume_group not defined"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
with_dict: cinder_backends|default({})
|
with_dict: cinder_backends|default({})
|
||||||
when: physical_host != container_name
|
when:
|
||||||
|
- physical_host != container_name
|
||||||
|
- cinder_backend_lvm_inuse | bool
|
||||||
delegate_to: "{{ physical_host }}"
|
delegate_to: "{{ physical_host }}"
|
||||||
tags:
|
tags:
|
||||||
- cinder-lxc-devices
|
- cinder-lxc-devices
|
||||||
- name: Cinder volume extra lxc config
|
|
||||||
lxc_container:
|
|
||||||
name: "{{ container_name }}"
|
|
||||||
container_config:
|
|
||||||
- "lxc.autodev=0"
|
|
||||||
- "lxc.cgroup.devices.allow=a *:* rmw"
|
|
||||||
- "lxc.mount.entry=udev dev devtmpfs defaults 0 0"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: >
|
|
||||||
not is_metal | bool and
|
|
||||||
inventory_hostname in groups['cinder_volume'] and
|
|
||||||
cinder_backend_lvm_inuse
|
|
||||||
tags:
|
|
||||||
- cinder-container-setup
|
|
||||||
register: lxc_config
|
|
||||||
- name: udevadm trigger
|
- name: udevadm trigger
|
||||||
command: udevadm trigger
|
command: udevadm trigger
|
||||||
tags:
|
tags:
|
||||||
- cinder-container-setup
|
- cinder-container-setup
|
||||||
delegate_to: "{{ physical_host }}"
|
delegate_to: "{{ physical_host }}"
|
||||||
when: lxc_config is defined and lxc_config | changed
|
when: cinder_backend_lvm_inuse | bool
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: >
|
|
||||||
(container_config is defined and container_config | changed) or
|
|
||||||
(lxc_config is defined and lxc_config | changed)
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check|success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
- name: Sort the rabbitmq servers
|
|
||||||
dist_sort:
|
|
||||||
value_to_lookup: "{{ container_name }}"
|
|
||||||
ref_list: "{{ groups['cinder_all'] }}"
|
|
||||||
src_list: "{{ rabbitmq_servers }}"
|
|
||||||
register: servers
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Set rabbitmq servers
|
|
||||||
set_fact:
|
|
||||||
rabbitmq_servers: "{{ servers.sorted_list }}"
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- { path: "/openstack/log/{{ inventory_hostname }}-cinder" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- cinder-logs
|
|
||||||
- cinder-log-dirs
|
|
||||||
- name: Create log aggregation links
|
|
||||||
file:
|
|
||||||
src: "{{ item.src }}"
|
|
||||||
dest: "{{ item.dest }}"
|
|
||||||
state: "{{ item.state }}"
|
|
||||||
force: "yes"
|
|
||||||
with_items:
|
|
||||||
- { src: "/openstack/log/{{ inventory_hostname }}-cinder", dest: "/var/log/cinder", state: "link" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- cinder-logs
|
|
||||||
- name: Ensure Rabbitmq vhost
|
|
||||||
rabbitmq_vhost:
|
|
||||||
name: "{{ cinder_rabbitmq_vhost }}"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
|
||||||
- inventory_hostname == groups['cinder_all'][0]
|
|
||||||
- groups['rabbitmq_all']|length > 0
|
|
||||||
tags:
|
|
||||||
- cinder-rabbitmq
|
|
||||||
- cinder-rabbitmq-vhost
|
|
||||||
- name: Ensure rabbitmq user
|
|
||||||
rabbitmq_user:
|
|
||||||
user: "{{ cinder_rabbitmq_userid }}"
|
|
||||||
password: "{{ cinder_rabbitmq_password }}"
|
|
||||||
vhost: "{{ cinder_rabbitmq_vhost }}"
|
|
||||||
configure_priv: ".*"
|
|
||||||
read_priv: ".*"
|
|
||||||
write_priv: ".*"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
|
||||||
- inventory_hostname == groups['cinder_all'][0]
|
|
||||||
- groups['rabbitmq_all']|length > 0
|
|
||||||
tags:
|
|
||||||
- cinder-rabbitmq
|
|
||||||
- cinder-rabbitmq-user
|
|
||||||
- name: Create DB for service
|
|
||||||
mysql_db:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ cinder_galera_address }}"
|
|
||||||
name: "{{ cinder_galera_database }}"
|
|
||||||
state: "present"
|
|
||||||
when: inventory_hostname == groups['cinder_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Grant access to the DB for the service
|
|
||||||
mysql_user:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ cinder_galera_address }}"
|
|
||||||
name: "{{ cinder_galera_user }}"
|
|
||||||
password: "{{ cinder_container_mysql_password }}"
|
|
||||||
host: "{{ item }}"
|
|
||||||
state: "present"
|
|
||||||
priv: "{{ cinder_galera_database }}.*:ALL"
|
|
||||||
when: inventory_hostname == groups['cinder_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
with_items:
|
|
||||||
- "localhost"
|
|
||||||
- "%"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Set cinder storage bridge (is_metal)
|
- name: Set cinder storage bridge (is_metal)
|
||||||
set_fact:
|
set_fact:
|
||||||
storage_bridge: "{{ 'ansible_' + hostvars[inventory_hostname]['container_networks']['storage_address']['bridge'] | replace('-', '_') }}"
|
storage_bridge: "{{ 'ansible_' + hostvars[inventory_hostname]['container_networks']['storage_address']['bridge'] | replace('-', '_') }}"
|
||||||
|
@ -19,135 +19,37 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/rabbitmq-servers-sort.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
sort_group_name: "glance_all"
|
||||||
container_config:
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
vars:
|
||||||
delegate_to: "{{ physical_host }}"
|
list_of_bind_mounts:
|
||||||
when: not is_metal | bool
|
- bind_dir_path: "/var/lib/glance/images"
|
||||||
register: container_config
|
mount_path: "/openstack/{{ inventory_hostname }}"
|
||||||
tags:
|
when: (glance_default_store == "file") and (glance_nfs_client is not defined)
|
||||||
- lxc-aa-profile
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
- name: Glance extra lxc config
|
when: (glance_default_store != "file") or (glance_nfs_client is defined)
|
||||||
lxc_container:
|
- include: common-tasks/rabbitmq-vhost-user.yml
|
||||||
name: "{{ container_name }}"
|
vars:
|
||||||
container_command: |
|
|
||||||
[[ ! -d "/var/lib/glance/images" ]] && mkdir -p "/var/lib/glance/images"
|
|
||||||
container_config:
|
|
||||||
- "lxc.mount.entry=/openstack/{{ container_name }} var/lib/glance/images none bind 0 0"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: >
|
|
||||||
(not is_metal | bool) and
|
|
||||||
(glance_default_store == "file") and
|
|
||||||
(glance_nfs_client is not defined)
|
|
||||||
register: container_extra_config
|
|
||||||
tags:
|
|
||||||
- glance-cache-dir
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: >
|
|
||||||
(container_config is defined and container_config | changed) or
|
|
||||||
(container_extra_config is defined and container_config | changed)
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
- name: Sort the rabbitmq servers
|
|
||||||
dist_sort:
|
|
||||||
value_to_lookup: "{{ container_name }}"
|
|
||||||
ref_list: "{{ groups['glance_all'] }}"
|
|
||||||
src_list: "{{ rabbitmq_servers }}"
|
|
||||||
register: servers
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Set rabbitmq servers
|
|
||||||
set_fact:
|
|
||||||
rabbitmq_servers: "{{ servers.sorted_list }}"
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- { path: "/openstack/log/{{ inventory_hostname }}-glance" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- glance-logs
|
|
||||||
- glance-log-dirs
|
|
||||||
- name: Create log aggregation links
|
|
||||||
file:
|
|
||||||
src: "{{ item.src }}"
|
|
||||||
dest: "{{ item.dest }}"
|
|
||||||
state: "{{ item.state }}"
|
|
||||||
force: "yes"
|
|
||||||
with_items:
|
|
||||||
- { src: "/openstack/log/{{ inventory_hostname }}-glance", dest: "/var/log/glance", state: "link" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- glance-logs
|
|
||||||
- name: Ensure Rabbitmq vhost
|
|
||||||
rabbitmq_vhost:
|
|
||||||
name: "{{ glance_rabbitmq_vhost }}"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
|
||||||
- inventory_hostname == groups['glance_all'][0]
|
|
||||||
- groups['rabbitmq_all']|length > 0
|
|
||||||
tags:
|
|
||||||
- glance-rabbitmq
|
|
||||||
- glance-rabbitmq-vhost
|
|
||||||
- name: Ensure rabbitmq user
|
|
||||||
rabbitmq_user:
|
|
||||||
user: "{{ glance_rabbitmq_userid }}"
|
user: "{{ glance_rabbitmq_userid }}"
|
||||||
password: "{{ glance_rabbitmq_password }}"
|
password: "{{ glance_rabbitmq_password }}"
|
||||||
vhost: "{{ glance_rabbitmq_vhost }}"
|
vhost: "{{ glance_rabbitmq_vhost }}"
|
||||||
configure_priv: ".*"
|
|
||||||
read_priv: ".*"
|
|
||||||
write_priv: ".*"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == groups['glance_all'][0]
|
- inventory_hostname == groups['glance_all'][0]
|
||||||
- groups['rabbitmq_all']|length > 0
|
- groups['rabbitmq_all'] | length > 0
|
||||||
tags:
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
- glance-rabbitmq
|
vars:
|
||||||
- glance-rabbitmq-user
|
log_dirs:
|
||||||
- name: Create DB for service
|
- src: "/openstack/log/{{ inventory_hostname }}-glance"
|
||||||
mysql_db:
|
dest: "/var/log/glance"
|
||||||
login_user: "{{ galera_root_user }}"
|
- include: common-tasks/mysql-db-user.yml
|
||||||
login_password: "{{ galera_root_password }}"
|
vars:
|
||||||
login_host: "{{ glance_galera_address }}"
|
user_name: "{{ glance_galera_user }}"
|
||||||
name: "{{ glance_galera_database }}"
|
|
||||||
state: "present"
|
|
||||||
when: inventory_hostname == groups['glance_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Grant access to the DB for the service
|
|
||||||
mysql_user:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ glance_galera_address }}"
|
|
||||||
name: "{{ glance_galera_user }}"
|
|
||||||
password: "{{ glance_container_mysql_password }}"
|
password: "{{ glance_container_mysql_password }}"
|
||||||
host: "{{ item }}"
|
login_host: "{{ glance_galera_address }}"
|
||||||
state: "present"
|
db_name: "{{ glance_galera_database }}"
|
||||||
priv: "{{ glance_galera_database }}.*:ALL"
|
|
||||||
when: inventory_hostname == groups['glance_all'][0]
|
when: inventory_hostname == groups['glance_all'][0]
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
with_items:
|
|
||||||
- "localhost"
|
|
||||||
- "%"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
roles:
|
roles:
|
||||||
- role: "os_glance"
|
- role: "os_glance"
|
||||||
glance_venv_tag: "{{ openstack_release }}"
|
glance_venv_tag: "{{ openstack_release }}"
|
||||||
|
@ -18,90 +18,26 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
list_of_bind_mounts:
|
||||||
container_config:
|
- bind_dir_path: "/var/lib/gnocchi"
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
mount_path: "/openstack/{{ inventory_hostname }}"
|
||||||
delegate_to: "{{ physical_host }}"
|
when: (gnocchi_storage_driver == "file") and (gnocchi_storage_driver is not defined)
|
||||||
when: not is_metal | bool
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
register: container_config
|
when: (gnocchi_storage_driver != "file") or (gnocchi_storage_driver is defined)
|
||||||
tags:
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
- lxc-aa-profile
|
vars:
|
||||||
- name: Wait for container ssh
|
log_dirs:
|
||||||
wait_for:
|
- src: "/openstack/log/{{ inventory_hostname }}-gnocchi"
|
||||||
port: "22"
|
dest: "/var/log/gnocchi"
|
||||||
delay: "{{ ssh_delay }}"
|
- include: common-tasks/mysql-db-user.yml
|
||||||
search_regex: "OpenSSH"
|
vars:
|
||||||
host: "{{ ansible_ssh_host }}"
|
user_name: "{{ gnocchi_galera_user }}"
|
||||||
delegate_to: "{{ physical_host }}"
|
password: "{{ gnocchi_container_mysql_password }}"
|
||||||
when: container_config is defined and container_config | changed
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
- name: Gnocchi extra lxc config
|
|
||||||
lxc_container:
|
|
||||||
name: "{{ container_name }}"
|
|
||||||
container_command: |
|
|
||||||
[[ ! -d "/var/lib/gnocchi" ]] && mkdir -p "/var/lib/gnocchi"
|
|
||||||
container_config:
|
|
||||||
- "lxc.mount.entry=/openstack/{{ container_name }} var/lib/gnocchi none bind 0 0"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: >
|
|
||||||
(not is_metal | bool) and gnocchi_storage_driver is not defined or
|
|
||||||
(gnocchi_storage_driver == "file")
|
|
||||||
register: container_extra_config
|
|
||||||
tags:
|
|
||||||
-gnocchi-storage-dir
|
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- { path: "/openstack/log/{{ inventory_hostname }}-gnocchi" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- gnocchi-logs
|
|
||||||
- gnocchi-log-dirs
|
|
||||||
- name: Create log aggregation links
|
|
||||||
file:
|
|
||||||
src: "/openstack/log/{{ inventory_hostname }}-gnocchi"
|
|
||||||
dest: "/var/log/gnocchi"
|
|
||||||
state: "link"
|
|
||||||
force: "yes"
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- gnocchi-logs
|
|
||||||
- name: Create DB for service
|
|
||||||
mysql_db:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ gnocchi_galera_address }}"
|
login_host: "{{ gnocchi_galera_address }}"
|
||||||
name: "{{ gnocchi_galera_database }}"
|
db_name: "{{ gnocchi_galera_database }}"
|
||||||
state: "present"
|
|
||||||
when: inventory_hostname == groups['gnocchi_all'][0]
|
when: inventory_hostname == groups['gnocchi_all'][0]
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Grant access to the DB for the service
|
|
||||||
mysql_user:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ gnocchi_galera_address }}"
|
|
||||||
name: "{{ gnocchi_galera_user }}"
|
|
||||||
password: "{{ gnocchi_galera_password }}"
|
|
||||||
host: "{{ item }}"
|
|
||||||
state: "present"
|
|
||||||
priv: "{{ gnocchi_galera_database }}.*:ALL"
|
|
||||||
when: inventory_hostname == groups['gnocchi_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
with_items:
|
|
||||||
- "localhost"
|
|
||||||
- "%"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
roles:
|
roles:
|
||||||
- role: "os_gnocchi"
|
- role: "os_gnocchi"
|
||||||
gnocchi_venv_tag: "{{ openstack_release }}"
|
gnocchi_venv_tag: "{{ openstack_release }}"
|
||||||
|
@ -19,118 +19,30 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/rabbitmq-servers-sort.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
sort_group_name: "heat_all"
|
||||||
container_config:
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
- include: common-tasks/rabbitmq-vhost-user.yml
|
||||||
delegate_to: "{{ physical_host }}"
|
vars:
|
||||||
when: not is_metal | bool
|
|
||||||
register: container_config
|
|
||||||
tags:
|
|
||||||
- lxc-aa-profile
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: container_config is defined and container_config | changed
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
- name: Sort the rabbitmq servers
|
|
||||||
dist_sort:
|
|
||||||
value_to_lookup: "{{ container_name }}"
|
|
||||||
ref_list: "{{ groups['heat_all'] }}"
|
|
||||||
src_list: "{{ rabbitmq_servers }}"
|
|
||||||
register: servers
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Set rabbitmq servers
|
|
||||||
set_fact:
|
|
||||||
rabbitmq_servers: "{{ servers.sorted_list }}"
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- { path: "/openstack/log/{{ inventory_hostname }}-heat" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- heat-logs
|
|
||||||
- heat-log-dirs
|
|
||||||
- name: Create log aggregation links
|
|
||||||
file:
|
|
||||||
src: "{{ item.src }}"
|
|
||||||
dest: "{{ item.dest }}"
|
|
||||||
state: "{{ item.state }}"
|
|
||||||
force: "yes"
|
|
||||||
with_items:
|
|
||||||
- { src: "/openstack/log/{{ inventory_hostname }}-heat", dest: "/var/log/heat", state: "link" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- heat-logs
|
|
||||||
- name: Ensure Rabbitmq vhost
|
|
||||||
rabbitmq_vhost:
|
|
||||||
name: "{{ heat_rabbitmq_vhost }}"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
|
||||||
- inventory_hostname == groups['heat_all'][0]
|
|
||||||
- groups['rabbitmq_all']|length > 0
|
|
||||||
tags:
|
|
||||||
- heat-rabbitmq
|
|
||||||
- heat-rabbitmq-vhost
|
|
||||||
- name: Ensure rabbitmq user
|
|
||||||
rabbitmq_user:
|
|
||||||
user: "{{ heat_rabbitmq_userid }}"
|
user: "{{ heat_rabbitmq_userid }}"
|
||||||
password: "{{ heat_rabbitmq_password }}"
|
password: "{{ heat_rabbitmq_password }}"
|
||||||
vhost: "{{ heat_rabbitmq_vhost }}"
|
vhost: "{{ heat_rabbitmq_vhost }}"
|
||||||
configure_priv: ".*"
|
|
||||||
read_priv: ".*"
|
|
||||||
write_priv: ".*"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == groups['heat_all'][0]
|
- inventory_hostname == groups['heat_all'][0]
|
||||||
- groups['rabbitmq_all']|length > 0
|
- groups['rabbitmq_all'] | length > 0
|
||||||
tags:
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
- heat-rabbitmq
|
vars:
|
||||||
- heat-rabbitmq-user
|
log_dirs:
|
||||||
- name: Create DB for service
|
- src: "/openstack/log/{{ inventory_hostname }}-heat"
|
||||||
mysql_db:
|
dest: "/var/log/heat"
|
||||||
login_user: "{{ galera_root_user }}"
|
- include: common-tasks/mysql-db-user.yml
|
||||||
login_password: "{{ galera_root_password }}"
|
vars:
|
||||||
login_host: "{{ heat_galera_address }}"
|
user_name: "{{ heat_galera_user }}"
|
||||||
name: "{{ heat_galera_database }}"
|
|
||||||
state: "present"
|
|
||||||
when: inventory_hostname == groups['heat_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Grant access to the DB for the service
|
|
||||||
mysql_user:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ heat_galera_address }}"
|
|
||||||
name: "{{ heat_galera_user }}"
|
|
||||||
password: "{{ heat_container_mysql_password }}"
|
password: "{{ heat_container_mysql_password }}"
|
||||||
host: "{{ item }}"
|
login_host: "{{ heat_galera_address }}"
|
||||||
state: "present"
|
db_name: "{{ heat_galera_database }}"
|
||||||
priv: "{{ heat_galera_database }}.*:ALL"
|
|
||||||
when: inventory_hostname == groups['heat_all'][0]
|
when: inventory_hostname == groups['heat_all'][0]
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
with_items:
|
|
||||||
- "localhost"
|
|
||||||
- "%"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
roles:
|
roles:
|
||||||
- role: "os_heat"
|
- role: "os_heat"
|
||||||
heat_venv_tag: "{{ openstack_release }}"
|
heat_venv_tag: "{{ openstack_release }}"
|
||||||
|
@ -19,91 +19,22 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/rabbitmq-servers-sort.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
sort_group_name: "horizon_all"
|
||||||
container_config:
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
delegate_to: "{{ physical_host }}"
|
vars:
|
||||||
when: not is_metal | bool
|
log_dirs:
|
||||||
register: container_config
|
- src: "/openstack/log/{{ inventory_hostname }}-horizon"
|
||||||
tags:
|
dest: "/var/log/horizon"
|
||||||
- lxc-aa-profile
|
- include: common-tasks/mysql-db-user.yml
|
||||||
- name: Wait for container ssh
|
vars:
|
||||||
wait_for:
|
user_name: "{{ horizon_galera_user }}"
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: container_config is defined and container_config | changed
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
- name: Sort the rabbitmq servers
|
|
||||||
dist_sort:
|
|
||||||
value_to_lookup: "{{ container_name }}"
|
|
||||||
ref_list: "{{ groups['horizon_all'] }}"
|
|
||||||
src_list: "{{ rabbitmq_servers }}"
|
|
||||||
register: servers
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Set rabbitmq servers
|
|
||||||
set_fact:
|
|
||||||
rabbitmq_servers: "{{ servers.sorted_list }}"
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- { path: "/openstack/log/{{ inventory_hostname }}-horizon" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- horizon-logs
|
|
||||||
- horizon-log-dirs
|
|
||||||
- name: Create log aggregation links
|
|
||||||
file:
|
|
||||||
src: "{{ item.src }}"
|
|
||||||
dest: "{{ item.dest }}"
|
|
||||||
state: "{{ item.state }}"
|
|
||||||
force: "yes"
|
|
||||||
with_items:
|
|
||||||
- { src: "/openstack/log/{{ inventory_hostname }}-horizon", dest: "/var/log/horizon", state: "link" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- horizon-logs
|
|
||||||
- name: Create DB for service
|
|
||||||
mysql_db:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ horizon_galera_address }}"
|
|
||||||
name: "{{ horizon_galera_database }}"
|
|
||||||
state: "present"
|
|
||||||
when: inventory_hostname == groups['horizon_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Grant access to the DB for the service
|
|
||||||
mysql_user:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ horizon_galera_address }}"
|
|
||||||
name: "{{ horizon_galera_user }}"
|
|
||||||
password: "{{ horizon_container_mysql_password }}"
|
password: "{{ horizon_container_mysql_password }}"
|
||||||
host: "{{ item }}"
|
login_host: "{{ horizon_galera_address }}"
|
||||||
state: "present"
|
db_name: "{{ horizon_galera_database }}"
|
||||||
priv: "{{ horizon_galera_database }}.*:ALL"
|
|
||||||
when: inventory_hostname == groups['horizon_all'][0]
|
when: inventory_hostname == groups['horizon_all'][0]
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
with_items:
|
|
||||||
- "localhost"
|
|
||||||
- "%"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
roles:
|
roles:
|
||||||
- role: "os_horizon"
|
- role: "os_horizon"
|
||||||
horizon_server_name: "{{ container_name }}"
|
horizon_server_name: "{{ container_name }}"
|
||||||
|
@ -18,95 +18,25 @@
|
|||||||
gather_facts: "{{ gather_facts | default(True) }}"
|
gather_facts: "{{ gather_facts | default(True) }}"
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/rabbitmq-servers-sort.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
sort_group_name: "ironic_all"
|
||||||
container_config:
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
- include: common-tasks/rabbitmq-vhost-user.yml
|
||||||
delegate_to: "{{ physical_host }}"
|
vars:
|
||||||
when: not is_metal | bool
|
|
||||||
register: container_config
|
|
||||||
tags:
|
|
||||||
- lxc-aa-profile
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: container_config is defined and container_config | changed
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
- name: Ensure Rabbitmq vhost for Ironic
|
|
||||||
rabbitmq_vhost:
|
|
||||||
name: "{{ ironic_rabbitmq_vhost }}"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
run_once: true
|
|
||||||
tags:
|
|
||||||
- ironic-rabbitmq
|
|
||||||
- ironic-rabbitmq-vhost
|
|
||||||
- name: Ensure rabbitmq user for Ironic
|
|
||||||
rabbitmq_user:
|
|
||||||
user: "{{ ironic_rabbitmq_userid }}"
|
user: "{{ ironic_rabbitmq_userid }}"
|
||||||
password: "{{ ironic_rabbitmq_password }}"
|
password: "{{ ironic_rabbitmq_password }}"
|
||||||
vhost: "{{ ironic_rabbitmq_vhost }}"
|
vhost: "{{ ironic_rabbitmq_vhost }}"
|
||||||
configure_priv: ".*"
|
when:
|
||||||
read_priv: ".*"
|
- inventory_hostname == groups['ironic_all'][0]
|
||||||
write_priv: ".*"
|
- groups['rabbitmq_all'] | length > 0
|
||||||
state: "present"
|
- include: common-tasks/mysql-db-user.yml
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
vars:
|
||||||
run_once: true
|
user_name: "{{ ironic_galera_user }}"
|
||||||
tags:
|
password: "{{ ironic_container_mysql_password }}"
|
||||||
- ironic-rabbitmq
|
|
||||||
- ironic-rabbitmq-user
|
|
||||||
- name: Create DB for Ironic
|
|
||||||
mysql_db:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ ironic_galera_address }}"
|
login_host: "{{ ironic_galera_address }}"
|
||||||
name: "{{ ironic_galera_database }}"
|
db_name: "{{ ironic_galera_database }}"
|
||||||
state: "present"
|
|
||||||
when: inventory_hostname == groups['ironic_all'][0]
|
when: inventory_hostname == groups['ironic_all'][0]
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
run_once: true
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Grant access to the DB for Ironic
|
|
||||||
mysql_user:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ ironic_galera_address }}"
|
|
||||||
name: "{{ ironic_galera_user }}"
|
|
||||||
password: "{{ ironic_galera_password }}"
|
|
||||||
host: "{{ item }}"
|
|
||||||
state: "present"
|
|
||||||
priv: "{{ ironic_galera_database }}.*:ALL"
|
|
||||||
when: inventory_hostname == groups['ironic_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
with_items:
|
|
||||||
- "localhost"
|
|
||||||
- "%"
|
|
||||||
run_once: true
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Sort the rabbitmq servers
|
|
||||||
dist_sort:
|
|
||||||
value_to_lookup: "{{ container_name }}"
|
|
||||||
ref_list: "{{ groups['ironic_all'] }}"
|
|
||||||
src_list: "{{ rabbitmq_servers }}"
|
|
||||||
register: servers
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Set rabbitmq servers
|
|
||||||
set_fact:
|
|
||||||
rabbitmq_servers: "{{ servers.sorted_list }}"
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
roles:
|
roles:
|
||||||
- role: "os_ironic"
|
- role: "os_ironic"
|
||||||
ironic_venv_tag: "{{ openstack_release }}"
|
ironic_venv_tag: "{{ openstack_release }}"
|
||||||
|
@ -19,63 +19,31 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/rabbitmq-servers-sort.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
sort_group_name: "keystone_all"
|
||||||
container_config:
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
- include: common-tasks/rabbitmq-vhost-user.yml
|
||||||
delegate_to: "{{ physical_host }}"
|
vars:
|
||||||
when: not is_metal | bool
|
user: "{{ keystone_rabbitmq_userid }}"
|
||||||
register: container_config
|
password: "{{ keystone_rabbitmq_password }}"
|
||||||
tags:
|
vhost: "{{ keystone_rabbitmq_vhost }}"
|
||||||
- lxc-aa-profile
|
when:
|
||||||
- name: Wait for container ssh
|
- inventory_hostname == groups['keystone_all'][0]
|
||||||
wait_for:
|
- groups['rabbitmq_all'] | length > 0
|
||||||
port: "22"
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
delay: "{{ ssh_delay }}"
|
vars:
|
||||||
search_regex: "OpenSSH"
|
log_dirs:
|
||||||
host: "{{ ansible_ssh_host }}"
|
- src: "/openstack/log/{{ inventory_hostname }}-keystone"
|
||||||
delegate_to: "{{ physical_host }}"
|
dest: "/var/log/keystone"
|
||||||
when: container_config is defined and container_config | changed
|
- include: common-tasks/mysql-db-user.yml
|
||||||
register: ssh_wait_check
|
vars:
|
||||||
until: ssh_wait_check | success
|
user_name: "{{ keystone_galera_user }}"
|
||||||
retries: 3
|
password: "{{ keystone_container_mysql_password }}"
|
||||||
tags:
|
login_host: "{{ keystone_galera_address }}"
|
||||||
- ssh-wait
|
db_name: "{{ keystone_galera_database }}"
|
||||||
- name: Sort the rabbitmq servers
|
when: inventory_hostname == groups['keystone_all'][0]
|
||||||
dist_sort:
|
|
||||||
value_to_lookup: "{{ container_name }}"
|
|
||||||
ref_list: "{{ groups['keystone_all'] }}"
|
|
||||||
src_list: "{{ rabbitmq_servers }}"
|
|
||||||
register: servers
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Set rabbitmq servers
|
|
||||||
set_fact:
|
|
||||||
rabbitmq_servers: "{{ servers.sorted_list }}"
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- { path: "/openstack/log/{{ inventory_hostname }}-keystone" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- keystone-logs
|
|
||||||
- keystone-log-dirs
|
|
||||||
- name: Create log aggregation links
|
|
||||||
file:
|
|
||||||
src: "{{ item.src }}"
|
|
||||||
dest: "{{ item.dest }}"
|
|
||||||
state: "{{ item.state }}"
|
|
||||||
force: "yes"
|
|
||||||
with_items:
|
|
||||||
- { src: "/openstack/log/{{ inventory_hostname }}-keystone", dest: "/var/log/keystone", state: "link" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- keystone-logs
|
|
||||||
# todo(cloudnull): this task is being run only if/when keystone is installed on a physical host.
|
# todo(cloudnull): this task is being run only if/when keystone is installed on a physical host.
|
||||||
# This is not being run within a container because it is an unsupported action due to this
|
# This is not being run within a container because it is an unsupported action due to this
|
||||||
# issue: (https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1279041)
|
# issue: (https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1279041)
|
||||||
@ -93,61 +61,6 @@
|
|||||||
when: is_metal | bool
|
when: is_metal | bool
|
||||||
tags:
|
tags:
|
||||||
- keystone-reserved-port
|
- keystone-reserved-port
|
||||||
- name: Ensure Rabbitmq vhost
|
|
||||||
rabbitmq_vhost:
|
|
||||||
name: "{{ keystone_rabbitmq_vhost }}"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
|
||||||
- inventory_hostname == groups['keystone_all'][0]
|
|
||||||
- groups['rabbitmq_all']|length > 0
|
|
||||||
tags:
|
|
||||||
- keystone-rabbitmq
|
|
||||||
- keystone-rabbitmq-vhost
|
|
||||||
- name: Ensure rabbitmq user
|
|
||||||
rabbitmq_user:
|
|
||||||
user: "{{ keystone_rabbitmq_userid }}"
|
|
||||||
password: "{{ keystone_rabbitmq_password }}"
|
|
||||||
vhost: "{{ keystone_rabbitmq_vhost }}"
|
|
||||||
configure_priv: ".*"
|
|
||||||
read_priv: ".*"
|
|
||||||
write_priv: ".*"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
|
||||||
- inventory_hostname == groups['keystone_all'][0]
|
|
||||||
- groups['rabbitmq_all']|length > 0
|
|
||||||
tags:
|
|
||||||
- keystone-rabbitmq
|
|
||||||
- keystone-rabbitmq-user
|
|
||||||
- name: Keystone create DB for service
|
|
||||||
mysql_db:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ keystone_galera_address }}"
|
|
||||||
name: "{{ keystone_galera_database }}"
|
|
||||||
state: "present"
|
|
||||||
when: inventory_hostname == groups['keystone_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Keystone grant access to the DB for the service
|
|
||||||
mysql_user:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ keystone_galera_address }}"
|
|
||||||
name: "{{ keystone_galera_user }}"
|
|
||||||
password: "{{ keystone_container_mysql_password }}"
|
|
||||||
host: "{{ item }}"
|
|
||||||
state: "present"
|
|
||||||
priv: "{{ keystone_galera_database }}.*:ALL"
|
|
||||||
with_items:
|
|
||||||
- "localhost"
|
|
||||||
- "%"
|
|
||||||
when: inventory_hostname == groups['keystone_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
roles:
|
roles:
|
||||||
- role: "os_keystone"
|
- role: "os_keystone"
|
||||||
keystone_venv_tag: "{{ openstack_release }}"
|
keystone_venv_tag: "{{ openstack_release }}"
|
||||||
|
@ -19,137 +19,41 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/rabbitmq-servers-sort.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
sort_group_name: "neutron_all"
|
||||||
container_config:
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
- "lxc.aa_profile=unconfined"
|
vars:
|
||||||
delegate_to: "{{ physical_host }}"
|
aa_profile: "unconfined"
|
||||||
when: >
|
list_of_bind_mounts:
|
||||||
not is_metal | bool and
|
- bind_dir_path: "/lib/modules"
|
||||||
inventory_hostname in groups['neutron_agent']
|
mount_path: "/lib/modules"
|
||||||
register: container_config
|
extra_container_config:
|
||||||
tags:
|
|
||||||
- lxc-aa-profile
|
|
||||||
- name: Neutron extra lxc config
|
|
||||||
lxc_container:
|
|
||||||
name: "{{ container_name }}"
|
|
||||||
container_command: |
|
|
||||||
[[ ! -d "/lib/modules" ]] && mkdir -p "/lib/modules"
|
|
||||||
container_config:
|
|
||||||
- "lxc.cgroup.devices.allow=a *:* rmw"
|
- "lxc.cgroup.devices.allow=a *:* rmw"
|
||||||
- "lxc.mount.entry=/lib/modules lib/modules none bind 0 0"
|
when: inventory_hostname in groups['neutron_agent']
|
||||||
delegate_to: "{{ physical_host }}"
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
when: >
|
when: inventory_hostname not in groups['neutron_agent']
|
||||||
not is_metal | bool and
|
- include: common-tasks/rabbitmq-vhost-user.yml
|
||||||
inventory_hostname in groups['neutron_agent']
|
vars:
|
||||||
register: container_extra_config
|
|
||||||
tags:
|
|
||||||
- neutron-container-setup
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: >
|
|
||||||
(container_config is defined and container_config | changed) or
|
|
||||||
(container_extra_config is defined and container_extra_config | changed)
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
- name: Sort the rabbitmq servers
|
|
||||||
dist_sort:
|
|
||||||
value_to_lookup: "{{ container_name }}"
|
|
||||||
ref_list: "{{ groups['neutron_all'] }}"
|
|
||||||
src_list: "{{ neutron_rabbitmq_servers }}"
|
|
||||||
register: servers
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Set rabbitmq servers
|
|
||||||
set_fact:
|
|
||||||
rabbitmq_servers: "{{ servers.sorted_list }}"
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- { path: "/openstack/log/{{ inventory_hostname }}-neutron" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- neutron-logs
|
|
||||||
- neutron-log-dirs
|
|
||||||
- name: Create log aggregation links
|
|
||||||
file:
|
|
||||||
src: "{{ item.src }}"
|
|
||||||
dest: "{{ item.dest }}"
|
|
||||||
state: "{{ item.state }}"
|
|
||||||
force: "yes"
|
|
||||||
with_items:
|
|
||||||
- { src: "/openstack/log/{{ inventory_hostname }}-neutron", dest: "/var/log/neutron", state: "link" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- neutron-logs
|
|
||||||
- name: Ensure Rabbitmq vhost
|
|
||||||
rabbitmq_vhost:
|
|
||||||
name: "{{ neutron_rabbitmq_vhost }}"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
|
||||||
- inventory_hostname == groups['neutron_all'][0]
|
|
||||||
- groups['rabbitmq_all']|length > 0
|
|
||||||
tags:
|
|
||||||
- neutron-rabbitmq
|
|
||||||
- neutron-rabbitmq-vhost
|
|
||||||
- name: Ensure rabbitmq user
|
|
||||||
rabbitmq_user:
|
|
||||||
user: "{{ neutron_rabbitmq_userid }}"
|
user: "{{ neutron_rabbitmq_userid }}"
|
||||||
password: "{{ neutron_rabbitmq_password }}"
|
password: "{{ neutron_rabbitmq_password }}"
|
||||||
vhost: "{{ neutron_rabbitmq_vhost }}"
|
vhost: "{{ neutron_rabbitmq_vhost }}"
|
||||||
configure_priv: ".*"
|
|
||||||
read_priv: ".*"
|
|
||||||
write_priv: ".*"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == groups['neutron_all'][0]
|
- inventory_hostname == groups['neutron_all'][0]
|
||||||
- groups['rabbitmq_all']|length > 0
|
- groups['rabbitmq_all'] | length > 0
|
||||||
tags:
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
- neutron-rabbitmq
|
vars:
|
||||||
- neutron-rabbitmq-user
|
log_dirs:
|
||||||
- name: Create DB for service
|
- src: "/openstack/log/{{ inventory_hostname }}-neutron"
|
||||||
mysql_db:
|
dest: "/var/log/neutron"
|
||||||
login_user: "{{ galera_root_user }}"
|
- include: common-tasks/mysql-db-user.yml
|
||||||
login_password: "{{ galera_root_password }}"
|
vars:
|
||||||
login_host: "{{ neutron_galera_address }}"
|
user_name: "{{ neutron_galera_user }}"
|
||||||
name: "{{ neutron_galera_database }}"
|
|
||||||
state: "present"
|
|
||||||
when: inventory_hostname == groups['neutron_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Grant access to the DB for the service
|
|
||||||
mysql_user:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ neutron_galera_address }}"
|
|
||||||
name: "{{ neutron_galera_user }}"
|
|
||||||
password: "{{ neutron_container_mysql_password }}"
|
password: "{{ neutron_container_mysql_password }}"
|
||||||
host: "{{ item }}"
|
login_host: "{{ neutron_galera_address }}"
|
||||||
state: "present"
|
db_name: "{{ neutron_galera_database }}"
|
||||||
priv: "{{ neutron_galera_database }}.*:ALL"
|
|
||||||
when: inventory_hostname == groups['neutron_all'][0]
|
when: inventory_hostname == groups['neutron_all'][0]
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
with_items:
|
|
||||||
- "localhost"
|
|
||||||
- "%"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Create the neutron provider networks facts
|
- name: Create the neutron provider networks facts
|
||||||
provider_networks:
|
provider_networks:
|
||||||
provider_networks: "{{ provider_networks }}"
|
provider_networks: "{{ provider_networks }}"
|
||||||
|
@ -19,42 +19,38 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/rabbitmq-servers-sort.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
sort_group_name: "nova_all"
|
||||||
container_config:
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
- include: common-tasks/rabbitmq-vhost-user.yml
|
||||||
delegate_to: "{{ physical_host }}"
|
vars:
|
||||||
when: not is_metal | bool
|
user: "{{ nova_rabbitmq_userid }}"
|
||||||
register: container_config
|
password: "{{ nova_rabbitmq_password }}"
|
||||||
tags:
|
vhost: "{{ nova_rabbitmq_vhost }}"
|
||||||
- lxc-aa-profile
|
when:
|
||||||
- name: Wait for container ssh
|
- inventory_hostname == groups['nova_all'][0]
|
||||||
wait_for:
|
- groups['rabbitmq_all'] | length > 0
|
||||||
port: "22"
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
delay: "{{ ssh_delay }}"
|
vars:
|
||||||
search_regex: "OpenSSH"
|
log_dirs:
|
||||||
host: "{{ ansible_ssh_host }}"
|
- src: "/openstack/log/{{ inventory_hostname }}-nova"
|
||||||
delegate_to: "{{ physical_host }}"
|
dest: "/var/log/nova"
|
||||||
when: container_config is defined and container_config | changed
|
- include: common-tasks/mysql-db-user.yml
|
||||||
register: ssh_wait_check
|
vars:
|
||||||
until: ssh_wait_check | success
|
user_name: "{{ nova_galera_user }}"
|
||||||
retries: 3
|
password: "{{ nova_container_mysql_password }}"
|
||||||
tags:
|
login_host: "{{ nova_galera_address }}"
|
||||||
- ssh-wait
|
db_name: "{{ nova_galera_database }}"
|
||||||
- name: Sort the rabbitmq servers
|
when: inventory_hostname == groups['nova_all'][0]
|
||||||
dist_sort:
|
- include: common-tasks/mysql-db-user.yml
|
||||||
value_to_lookup: "{{ container_name }}"
|
vars:
|
||||||
ref_list: "{{ groups['nova_all'] }}"
|
user_name: "{{ nova_api_galera_user }}"
|
||||||
src_list: "{{ rabbitmq_servers }}"
|
password: "{{ nova_api_container_mysql_password }}"
|
||||||
register: servers
|
login_host: "{{ nova_api_galera_address }}"
|
||||||
tags:
|
db_name: "{{ nova_api_galera_database }}"
|
||||||
- always
|
when: inventory_hostname == groups['nova_all'][0]
|
||||||
- name: Set rabbitmq servers
|
|
||||||
set_fact:
|
|
||||||
rabbitmq_servers: "{{ servers.sorted_list }}"
|
|
||||||
tags:
|
|
||||||
- always
|
|
||||||
- name: Add nbd devices to the compute
|
- name: Add nbd devices to the compute
|
||||||
shell: |
|
shell: |
|
||||||
for i in /dev/nbd*;do
|
for i in /dev/nbd*;do
|
||||||
@ -107,110 +103,6 @@
|
|||||||
tags:
|
tags:
|
||||||
- nova-kvm
|
- nova-kvm
|
||||||
- nova-kvm-container-devices
|
- nova-kvm-container-devices
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- { path: "/openstack/log/{{ inventory_hostname }}-nova" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- nova-logs
|
|
||||||
- nova-log-dirs
|
|
||||||
- name: Create log aggregation links
|
|
||||||
file:
|
|
||||||
src: "{{ item.src }}"
|
|
||||||
dest: "{{ item.dest }}"
|
|
||||||
state: "{{ item.state }}"
|
|
||||||
force: "yes"
|
|
||||||
with_items:
|
|
||||||
- { src: "/openstack/log/{{ inventory_hostname }}-nova", dest: "/var/log/nova", state: "link" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- nova-logs
|
|
||||||
- name: Ensure Rabbitmq vhost
|
|
||||||
rabbitmq_vhost:
|
|
||||||
name: "{{ nova_rabbitmq_vhost }}"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
|
||||||
- inventory_hostname == groups['nova_all'][0]
|
|
||||||
- groups['rabbitmq_all']|length > 0
|
|
||||||
tags:
|
|
||||||
- nova-rabbitmq
|
|
||||||
- nova-rabbitmq-vhost
|
|
||||||
- name: Ensure rabbitmq user
|
|
||||||
rabbitmq_user:
|
|
||||||
user: "{{ nova_rabbitmq_userid }}"
|
|
||||||
password: "{{ nova_rabbitmq_password }}"
|
|
||||||
vhost: "{{ nova_rabbitmq_vhost }}"
|
|
||||||
configure_priv: ".*"
|
|
||||||
read_priv: ".*"
|
|
||||||
write_priv: ".*"
|
|
||||||
state: "present"
|
|
||||||
delegate_to: "{{ groups['rabbitmq_all'][0] }}"
|
|
||||||
when:
|
|
||||||
- inventory_hostname == groups['nova_all'][0]
|
|
||||||
- groups['rabbitmq_all']|length > 0
|
|
||||||
tags:
|
|
||||||
- nova-rabbitmq
|
|
||||||
- nova-rabbitmq-user
|
|
||||||
- name: Create DB for service
|
|
||||||
mysql_db:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ nova_galera_address }}"
|
|
||||||
name: "{{ nova_galera_database }}"
|
|
||||||
state: "present"
|
|
||||||
when: inventory_hostname == groups['nova_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Grant access to the DB for the service
|
|
||||||
mysql_user:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ nova_galera_address }}"
|
|
||||||
name: "{{ nova_galera_user }}"
|
|
||||||
password: "{{ nova_container_mysql_password }}"
|
|
||||||
host: "{{ item }}"
|
|
||||||
state: "present"
|
|
||||||
priv: "{{ nova_galera_database }}.*:ALL"
|
|
||||||
when: inventory_hostname == groups['nova_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
with_items:
|
|
||||||
- "localhost"
|
|
||||||
- "%"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Create API DB for service
|
|
||||||
mysql_db:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ nova_api_galera_address }}"
|
|
||||||
name: "{{ nova_api_galera_database }}"
|
|
||||||
state: "present"
|
|
||||||
when: inventory_hostname == groups['nova_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Grant access to the API DB for the service
|
|
||||||
mysql_user:
|
|
||||||
login_user: "{{ galera_root_user }}"
|
|
||||||
login_password: "{{ galera_root_password }}"
|
|
||||||
login_host: "{{ nova_api_galera_address }}"
|
|
||||||
name: "{{ nova_api_galera_user }}"
|
|
||||||
password: "{{ nova_api_container_mysql_password }}"
|
|
||||||
host: "{{ item }}"
|
|
||||||
state: "present"
|
|
||||||
priv: "{{ nova_api_galera_database }}.*:ALL"
|
|
||||||
when: inventory_hostname == groups['nova_all'][0]
|
|
||||||
delegate_to: "{{ groups['galera_all'][0] }}"
|
|
||||||
with_items:
|
|
||||||
- "localhost"
|
|
||||||
- "%"
|
|
||||||
tags:
|
|
||||||
- mysql-db-setup
|
|
||||||
- name: Set nova management bridge (is_metal)
|
- name: Set nova management bridge (is_metal)
|
||||||
set_fact:
|
set_fact:
|
||||||
management_bridge: "{{ 'ansible_' + hostvars[inventory_hostname]['management_bridge'] | replace('-', '_') }}"
|
management_bridge: "{{ 'ansible_' + hostvars[inventory_hostname]['management_bridge'] | replace('-', '_') }}"
|
||||||
|
@ -19,64 +19,15 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
lxc_container:
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
name: "{{ container_name }}"
|
vars:
|
||||||
container_config:
|
log_dirs:
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
- src: "/openstack/log/{{ inventory_hostname }}-swift"
|
||||||
delegate_to: "{{ physical_host }}"
|
dest: "/var/log/swift"
|
||||||
when:
|
owner: "syslog"
|
||||||
- inventory_hostname in groups['swift_all']
|
group: "syslog"
|
||||||
- not is_metal | bool
|
|
||||||
register: container_config
|
|
||||||
tags:
|
|
||||||
- lxc-aa-profile
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when:
|
|
||||||
- inventory_hostname in groups['swift_all']
|
|
||||||
- container_config is defined and container_config | changed
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- { path: "/openstack/log/{{ inventory_hostname }}-swift" }
|
|
||||||
when:
|
|
||||||
- inventory_hostname in groups['swift_all']
|
|
||||||
- is_metal | bool
|
|
||||||
tags:
|
|
||||||
- swift-logs
|
|
||||||
- swift-log-dirs
|
|
||||||
- name: Create log aggregation links
|
|
||||||
file:
|
|
||||||
src: "{{ item.src }}"
|
|
||||||
dest: "{{ item.dest }}"
|
|
||||||
state: "{{ item.state }}"
|
|
||||||
owner: "{{ item.owner }}"
|
|
||||||
group: "{{ item.group }}"
|
|
||||||
force: "yes"
|
|
||||||
with_items:
|
|
||||||
- src: "/openstack/log/{{ inventory_hostname }}-swift"
|
|
||||||
dest: "/var/log/swift"
|
|
||||||
owner: "syslog"
|
|
||||||
group: "syslog"
|
|
||||||
state: "link"
|
|
||||||
when:
|
|
||||||
- inventory_hostname in groups['swift_all']
|
|
||||||
- is_metal | bool
|
|
||||||
tags:
|
|
||||||
- swift-logs
|
|
||||||
- name: Set swift storage bridge (is_metal)
|
- name: Set swift storage bridge (is_metal)
|
||||||
set_fact:
|
set_fact:
|
||||||
storage_bridge: "{{ 'ansible_' + swift.storage_network | replace('-', '_') }}"
|
storage_bridge: "{{ 'ansible_' + swift.storage_network | replace('-', '_') }}"
|
||||||
|
@ -19,29 +19,7 @@
|
|||||||
max_fail_percentage: 0
|
max_fail_percentage: 0
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
lxc_container:
|
|
||||||
name: "{{ container_name }}"
|
|
||||||
container_config:
|
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: not is_metal | bool
|
|
||||||
register: container_config
|
|
||||||
tags:
|
|
||||||
- lxc-aa-profile
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: container_config is defined and container_config | changed
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
roles:
|
roles:
|
||||||
- role: "pip_install"
|
- role: "pip_install"
|
||||||
pip_lock_to_internal_repo: "{{ (pip_links | length) >= 1 }}"
|
pip_lock_to_internal_repo: "{{ (pip_links | length) >= 1 }}"
|
||||||
|
@ -19,43 +19,11 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
list_of_bind_mounts:
|
||||||
container_config:
|
- bind_dir_path: "/var/www"
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
mount_path: "/openstack/{{ inventory_hostname }}"
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: not is_metal | bool
|
|
||||||
register: container_config
|
|
||||||
tags:
|
|
||||||
- lxc-aa-profile
|
|
||||||
- name: Package repo extra lxc config
|
|
||||||
lxc_container:
|
|
||||||
name: "{{ container_name }}"
|
|
||||||
container_command: |
|
|
||||||
[[ ! -d "/var/www" ]] && mkdir -p "/var/www"
|
|
||||||
container_config:
|
|
||||||
- "lxc.mount.entry=/openstack/{{ container_name }} var/www none bind 0 0"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: not is_metal | bool
|
|
||||||
register: container_extra_config
|
|
||||||
tags:
|
|
||||||
- repo-dirs
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: >
|
|
||||||
(container_config is defined and container_config | changed) or
|
|
||||||
(container_extra_config is defined and container_extra_config | changed)
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
roles:
|
roles:
|
||||||
- { role: "repo_server", tags: [ "repo-server" ] }
|
- { role: "repo_server", tags: [ "repo-server" ] }
|
||||||
- role: "rsyslog_client"
|
- role: "rsyslog_client"
|
||||||
|
@ -19,52 +19,11 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
lxc_container:
|
vars:
|
||||||
name: "{{ container_name }}"
|
list_of_bind_mounts:
|
||||||
container_config:
|
- bind_dir_path: "{{ storage_directory }}"
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
mount_path: "/openstack/{{ inventory_hostname }}/log-storage"
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: not is_metal | bool
|
|
||||||
register: container_config
|
|
||||||
tags:
|
|
||||||
- lxc-aa-profile
|
|
||||||
- name: Ensure log storage directory exists
|
|
||||||
file:
|
|
||||||
path: "/openstack/{{ container_name }}/log-storage"
|
|
||||||
state: "directory"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: not is_metal | bool
|
|
||||||
tags:
|
|
||||||
- rsyslog-storage-dirs
|
|
||||||
- name: Rsyslog server extra lxc config
|
|
||||||
lxc_container:
|
|
||||||
name: "{{ container_name }}"
|
|
||||||
container_command: |
|
|
||||||
[[ ! -d "{{ storage_directory }}" ]] && mkdir -p "{{ storage_directory }}"
|
|
||||||
container_config:
|
|
||||||
- "lxc.mount.entry=/openstack/{{ container_name }}/log-storage {{ storage_directory.lstrip('/') }} none bind 0 0"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: not is_metal | bool
|
|
||||||
register: container_extra_config
|
|
||||||
tags:
|
|
||||||
- rsyslog-storage-dirs
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: >
|
|
||||||
(container_config is defined and container_config | changed) or
|
|
||||||
(container_extra_config is defined and container_extra_config | changed)
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- { role: "rsyslog_server", tags: [ "rsyslog-server" ] }
|
- { role: "rsyslog_server", tags: [ "rsyslog-server" ] }
|
||||||
- role: "system_crontab_coordination"
|
- role: "system_crontab_coordination"
|
||||||
|
@ -18,51 +18,14 @@
|
|||||||
max_fail_percentage: 20
|
max_fail_percentage: 20
|
||||||
user: root
|
user: root
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Use the lxc-openstack aa profile
|
- include: common-tasks/os-lxc-container-setup.yml
|
||||||
lxc_container:
|
- include: common-tasks/os-log-dir-setup.yml
|
||||||
name: "{{ container_name }}"
|
vars:
|
||||||
container_config:
|
log_dirs:
|
||||||
- "lxc.aa_profile=lxc-openstack"
|
- src: "/openstack/log/{{ inventory_hostname }}-utility"
|
||||||
delegate_to: "{{ physical_host }}"
|
dest: "/var/log/utility"
|
||||||
when: not is_metal | bool
|
|
||||||
register: container_config
|
- name: Create log directory (not is_metal)
|
||||||
tags:
|
|
||||||
- lxc-aa-profile
|
|
||||||
- name: Wait for container ssh
|
|
||||||
wait_for:
|
|
||||||
port: "22"
|
|
||||||
delay: "{{ ssh_delay }}"
|
|
||||||
search_regex: "OpenSSH"
|
|
||||||
host: "{{ ansible_ssh_host }}"
|
|
||||||
delegate_to: "{{ physical_host }}"
|
|
||||||
when: container_config is defined and container_config | changed
|
|
||||||
register: ssh_wait_check
|
|
||||||
until: ssh_wait_check | success
|
|
||||||
retries: 3
|
|
||||||
tags:
|
|
||||||
- ssh-wait
|
|
||||||
- name: Create log dir
|
|
||||||
file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- { path: "/openstack/log/{{ inventory_hostname }}-utility" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- utility-logs
|
|
||||||
- utility-log-dirs
|
|
||||||
- name: Create log aggregation links
|
|
||||||
file:
|
|
||||||
src: "{{ item.src }}"
|
|
||||||
dest: "{{ item.dest }}"
|
|
||||||
state: "{{ item.state }}"
|
|
||||||
force: "yes"
|
|
||||||
with_items:
|
|
||||||
- { src: "/openstack/log/{{ inventory_hostname }}-utility", dest: "/var/log/utility", state: "link" }
|
|
||||||
when: is_metal | bool
|
|
||||||
tags:
|
|
||||||
- utility-logs
|
|
||||||
- name: Create log directory
|
|
||||||
file:
|
file:
|
||||||
dest: "/var/log/utility"
|
dest: "/var/log/utility"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
|
Loading…
Reference in New Issue
Block a user