openstack-ansible/playbooks/os-neutron-install.yml

---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Configure Neutron dynamic host groupings
  hosts: localhost
  gather_facts: no
  tasks:
    - include: common-tasks/dynamic-grouping.yml
      vars:
        src_group: "nova_compute"
        dest_group: "neutron_l3_agent, neutron_metadata_agent"
      when:
        - "{{ neutron_plugin_type == 'ml2.ovs.dvr' }}"

- name: Installation and setup of Neutron
  hosts: neutron_all
  gather_facts: "{{ gather_facts | default(True) }}"
  max_fail_percentage: 20
  user: root
  pre_tasks:
    - include: common-tasks/os-lxc-container-setup.yml
      # This config is specific to Ubuntu
      vars:
        aa_profile: "unconfined"
        list_of_bind_mounts:
          - bind_dir_path: "/lib/modules"
            mount_path: "/lib/modules"
        extra_container_config:
          - "lxc.cgroup.devices.allow=a *:* rmw"
        extra_container_config_no_restart:
          - "lxc.start.order=79"
      when:
        - inventory_hostname in groups['neutron_agent']
        - ansible_pkg_mgr == 'apt'
    - include: common-tasks/os-lxc-container-setup.yml
      # This config is specific to CentOS.
      vars:
        aa_profile: "unconfined"
        list_of_bind_mounts:
          - bind_dir_path: "/usr/lib/modules"
            mount_path: "/usr/lib/modules"
        extra_container_config:
          - "lxc.cgroup.devices.allow=a *:* rmw"
      when:
        - inventory_hostname in groups['neutron_agent']
        - ansible_pkg_mgr == 'yum'
    - include: common-tasks/os-lxc-container-setup.yml
      static: no
      when: inventory_hostname not in groups['neutron_agent']
    - include: common-tasks/rabbitmq-vhost-user.yml
      static: no
      vars:
        user: "{{ neutron_rabbitmq_userid }}"
        password: "{{ neutron_rabbitmq_password }}"
        vhost: "{{ neutron_rabbitmq_vhost }}"
        _rabbitmq_host_group: "{{ neutron_rabbitmq_host_group }}"
      when:
        - inventory_hostname == groups['neutron_all'][0]
        - groups[neutron_rabbitmq_host_group] | length > 0
    - include: common-tasks/rabbitmq-vhost-user.yml
      static: no
      vars:
        user: "{{ neutron_rabbitmq_telemetry_userid }}"
        password: "{{ neutron_rabbitmq_telemetry_password }}"
        vhost: "{{ neutron_rabbitmq_telemetry_vhost }}"
        _rabbitmq_host_group: "{{ neutron_rabbitmq_telemetry_host_group }}"
      when:
        - neutron_ceilometer_enabled | bool
        - inventory_hostname == groups['neutron_all'][0]
        - groups[neutron_rabbitmq_telemetry_host_group] is defined
        - groups[neutron_rabbitmq_telemetry_host_group] | length > 0
        - groups[neutron_rabbitmq_telemetry_host_group] != groups[neutron_rabbitmq_host_group]
    - include: common-tasks/os-log-dir-setup.yml
      vars:
        log_dirs:
          - src: "/openstack/log/{{ inventory_hostname }}-neutron"
            dest: "/var/log/neutron"
    - include: common-tasks/os-log-dir-setup.yml
      vars:
        log_dirs:
          - src: "/openstack/log/{{ inventory_hostname }}-calico"
            dest: "/var/log/calico"
      when: "{{ 'neutron_calico_dhcp_agent' in group_names }}"
    - include: common-tasks/mysql-db-user.yml
      static: no
      vars:
        user_name: "{{ neutron_galera_user }}"
        password: "{{ neutron_container_mysql_password }}"
        login_host: "{{ neutron_galera_address }}"
        db_name: "{{ neutron_galera_database }}"
      when: inventory_hostname == groups['neutron_all'][0]
    - include: common-tasks/package-cache-proxy.yml

    - name: Create the neutron provider networks facts
      provider_networks:
        provider_networks: "{{ provider_networks }}"
        bind_prefix: "{{ bind_prefix }}"
        is_metal: "{{ is_metal }}"
      register: pndata
      tags:
        - always
    - name: Set provider network fact(s)
      set_fact:
        _provider_networks: "{{ pndata }}"
        _overlay_network: "{{ container_networks.tunnel_address|default({}) }}"
      tags:
        - always
    - name: set local_ip fact (is_metal)
      set_fact:
        _local_ip: "{{ hostvars[inventory_hostname]['ansible_' + _overlay_network.bridge|default(ansible_default_ipv4['interface'])|replace('-', '_')]['ipv4']['address']|default(ansible_host) }}"
      when:
        - is_metal | bool
      tags:
        - always
    - name: set local_ip fact (container)
      set_fact:
        _local_ip: "{{ _overlay_network.address|default(ansible_host) }}"
      when:
        - not is_metal | bool
      tags:
        - always
  roles:
    - role: "os_neutron"
      neutron_venv_tag: "{{ openstack_release }}"
      neutron_venv_download_url: "{{ openstack_repo_url }}/venvs/{{ openstack_release }}/{{ ansible_distribution | lower }}/neutron-{{ openstack_release }}-{{ ansible_architecture | lower }}.tgz"
      neutron_overlay_network: "{{ _overlay_network }}"
      neutron_provider_networks: "{{ _provider_networks }}"
      neutron_local_ip: "{{ _local_ip|default('127.0.0.1') }}"
    - role: "bird"
      when:
        - "'neutron_calico_dhcp_agent' in group_names"
      tags:
        - bird
    - role: "openstack_openrc"
      tags:
        - openrc
    - role: "rsyslog_client"
      rsyslog_client_log_rotate_file: neutron_log_rotate
      rsyslog_client_log_dir: "/var/log/neutron"
      rsyslog_client_config_name: "99-neutron-rsyslog-client.conf"
      rsyslog_client_log_files:
        - /var/log/conntrackd.log
        - /var/log/conntrackd-stats.log
      tags:
        - rsyslog
    - role: "system_crontab_coordination"
      tags:
        - crontab
  vars:
    is_metal: "{{ properties.is_metal|default(false) }}"
    bind_prefix: "{{ provider_network_bind_prefix|default('') }}"
  tags:
    - neutron