From efd023430028defd092b85f318a11f6fc0994505 Mon Sep 17 00:00:00 2001 From: Ricardo Carrillo Cruz Date: Mon, 6 Jun 2016 08:41:46 +0000 Subject: [PATCH] Switch the provisioning step to the cloud launcher role I've been slowly decoupling the provisioning role from infra-ansible into its own role: http://git.openstack.org/cgit/openstack/ansible-role-cloud-launcher Now that it has feature parity and it is gating in OpenStack CI, just use it and remove setup_openstack_resources roles. Change-Id: I4810d0bdb57cf1f069f20fb133f5f2afe15e4e87 --- .gitignore | 2 +- README.md | 6 +- ansible.cfg | 1 + infra_config.yml.sample | 44 ----- requirements.txt | 2 +- requirements.yml | 3 + resources.yml.sample | 176 ++++++++++++++++++ .../defaults/main.yml | 3 - .../setup_openstack_resources/tasks/main.yml | 53 ------ run.sh | 2 +- setup_env.sh | 3 + setup_openstack_resources.yml | 2 +- tox.ini | 3 +- 13 files changed, 192 insertions(+), 108 deletions(-) delete mode 100644 infra_config.yml.sample create mode 100644 requirements.yml create mode 100644 resources.yml.sample delete mode 100644 roles/setup_openstack_resources/defaults/main.yml delete mode 100644 roles/setup_openstack_resources/tasks/main.yml diff --git a/.gitignore b/.gitignore index a8f611f..acfa813 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,5 @@ venv/ -infra_config.yml +resources.yml inventory/openstack.py .tox *.retry diff --git a/README.md b/README.md index ae5cdee..6f76c90 100644 --- a/README.md +++ b/README.md @@ -3,14 +3,14 @@ Instructions 1. Run ``source setup_env.sh`` 3. Source your OpenStack cloud environment variables rc file -3. Run ``cp infra_config.yml.sample infra_config.yml`` -4. Edit infra_config.yml and put your environment values +3. Run ``cp resources.yml.sample resources.yml`` +4. Edit resources.yml and put your environment values 5. Run ``bash run.sh`` Notes ===== -In infra_config.yml you may specify public key file instead of public key content, in the following way: +In resources.yml you may specify public key file instead of public key content, in the following way: keypairs: - name: my_key_file diff --git a/ansible.cfg b/ansible.cfg index eb08be1..f512869 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,2 +1,3 @@ [defaults] host_key_checking=no +roles_path=./roles diff --git a/infra_config.yml.sample b/infra_config.yml.sample deleted file mode 100644 index 9172cfb..0000000 --- a/infra_config.yml.sample +++ /dev/null @@ -1,44 +0,0 @@ ---- -os_client_config_cloud: envvars -system_config_repo_url: git@your_git_server/system-config.git -key_name: your_openstack_key_name -domainname: yourdomain -keypairs: - - name: my_key_name - public_key: my_public_key_content -infra_servers: - - name: puppetmaster - image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633 - flavor: standard.small - net_name: your_neutron_network - security_groups: default - infra_type: puppetmaster - - name: zuul - image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633 - flavor: standard.small - net_name: your_neutron_network - security_groups: default - infra_type: zuul - - name: jenkins - image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633 - flavor: standard.medium - net_name: your_neutron_network - security_groups: "default,webserver" - infra_type: jenkins - - name: gerrit - image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633 - flavor: standard.large - net_name: your_neutron_network - security_groups: "default,webserver" - infra_type: gerrit - volumes: - - name: gerrit_volume - size: 40 - - name: gerrit_volume2 - size: 60 - - name: nodepool - image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633 - flavor: standard.small - net_name: your_neutron_network - security_groups: default - infra_type: nodepool diff --git a/requirements.txt b/requirements.txt index 582ccb8..147420b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,3 @@ -ansible==2.0.0.2 +ansible==2.1.0 shade jinja2 diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 0000000..1ad940f --- /dev/null +++ b/requirements.yml @@ -0,0 +1,3 @@ +- src: git+git://git.openstack.org/openstack/ansible-role-cloud-launcher.git + version: HEAD + name: cloud_launcher diff --git a/resources.yml.sample b/resources.yml.sample new file mode 100644 index 0000000..cbdde31 --- /dev/null +++ b/resources.yml.sample @@ -0,0 +1,176 @@ +profiles: + - name: admin-clouds + domains: + - name: ops + description: Ops team domain + - name: qa + description: QA team domain + - name: rnd + description: R&D team domain + projects: + - name: ops + domain: ops + description: Ops team project + - name: qa + domain: qa + description: QA team project + - name: rnd + domain: rnd + description: RnD team project + users: + - name: opsadmin + password: changeme + email: opsadmin@aoclcompany.aocl + domain: ops + default_project: ops + - name: qaadmin + password: changeme + email: qaadmin@aoclcompany.aocl + domain: qa + default_project: qa + - name: rndadmin + password: changeme + email: rndadmin@aoclcompany.aocl + domain: rnd + default_project: rnd + flavors: + - name: aoclcompany.xlarge + ram: 128 + vcpus: 1 + disk: 0 + - name: aoclcompany.large + ram: 64 + vcpus: 1 + disk: 0 + images: + - name: ubuntu-trusty + filename: /home/ubuntu/trusty-server-cloudimg-amd64-disk1.img + - name: ops + networks: + - name: ops-net + subnets: + - name: ops-subnet + network_name: ops-net + cidr: 192.168.0.0/24 + dns_nameservers: + - 8.8.8.8 + routers: + - name: ops-router + network: public + interfaces: ops-subnet + security_groups: + - name: webserver + description: Allow HTTP/HTTPS traffic + images: + - name: ubuntu-trusty + filename: /home/ubuntu/trusty-server-cloudimg-amd64-disk1.img + security_groups_rules: + - security_group: webserver + protocol: tcp + port_range_min: 80 + port_range_max: 80 + remote_ip_prefix: 0.0.0.0/0 + - security_group: webserver + protocol: tcp + port_range_min: 443 + port_range_max: 443 + remote_ip_prefix: 0.0.0.0/0 + servers: + - name: nagios + image: ubuntu-trusty + key_name: bootstrap-key + flavor: m1.small + security_groups: webserver + network: ops-net + - name: qa + networks: + - name: qa-net + subnets: + - name: qa-subnet + network_name: qa-net + cidr: 192.168.1.0/24 + dns_nameservers: + - 8.8.8.8 + routers: + - name: qa-router + network: public + interfaces: qa-subnet + security_groups: + - name: webserver + description: Allow HTTP/HTTPS traffic + - name: altwebserver + description: Allow 8080 traffic + security_groups_rules: + - security_group: webserver + protocol: tcp + port_range_min: 80 + port_range_max: 80 + remote_ip_prefix: 0.0.0.0/0 + - security_group: webserver + protocol: tcp + port_range_min: 443 + port_range_max: 443 + remote_ip_prefix: 0.0.0.0/0 + - security_group: altwebserver + protocol: tcp + port_range_min: 8080 + port_range_max: 8080 + remote_ip_prefix: 0.0.0.0/0 + servers: + - name: jenkins + image: cirros-0.3.4-x86_64-uec + key_name: bootstrap-key + flavor: m1.tiny + security_groups: altwebserver + network: qa-net + - name: rnd + networks: + - name: rnd-net + subnets: + - name: rnd-subnet + network_name: rnd-net + cidr: 192.168.2.0/24 + dns_nameservers: + - 8.8.8.8 + routers: + - name: rnd-router + network: public + interfaces: rnd-subnet + security_groups: + - name: openwide + description: Allow all traffic + security_groups_rules: + - security_group: openwide + protocol: tcp + remote_ip_prefix: 0.0.0.0/0 + servers: + - name: docker-registry + image: cirros-0.3.4-x86_64-uec + key_name: bootstrap-key + flavor: m1.tiny + security_groups: openwide + network: rnd-net + - name: bootstrap-keypair + keypairs: + - name: bootstrap-key + public_key_file: /home/ubuntu/.ssh/id_rsa.pub +clouds: + - name: awesomecloud + profiles: + - admin-clouds + - bootstrap-keypair + - name: yaycloud-ops + oscc_cloud: yaycloud-opsuser + profiles: + - bootstrap-keypair + - ops + - name: yaycloud-qa + oscc_cloud: yaycloud-qauser + profiles: + - bootstrap-keypair + - qa + - name: yaycloud-rnd + oscc_cloud: yaycloud-rnduser + profiles: + - bootstrap-keypair + - rnd diff --git a/roles/setup_openstack_resources/defaults/main.yml b/roles/setup_openstack_resources/defaults/main.yml deleted file mode 100644 index 9fb0337..0000000 --- a/roles/setup_openstack_resources/defaults/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -os_client_config_cloud: envvars -os_validate_certs: no diff --git a/roles/setup_openstack_resources/tasks/main.yml b/roles/setup_openstack_resources/tasks/main.yml deleted file mode 100644 index 6f9f4b2..0000000 --- a/roles/setup_openstack_resources/tasks/main.yml +++ /dev/null @@ -1,53 +0,0 @@ ---- -- name: Create keypairs - os_keypair: - state: present - cloud: "{{ item.os_client_config_cloud | default(os_client_config_cloud) }}" - name: "{{ item.name | default(key_name) }}" - public_key: "{{ item.public_key | default(omit) }}" - public_key_file: "{{ item.public_key_file | default(omit) }}" - validate_certs: "{{ os_validate_certs }}" - with_items: keypairs - -- name: Create instances - os_server: - state: present - cloud: "{{ item.os_client_config_cloud | default(os_client_config_cloud) }}" - name: "{{ item.name }}.{{ domainname }}" - image: "{{ item.image }}" - key_name: "{{ key_name }}" - timeout: 200 - flavor: "{{ item.flavor }}" - nics: - - net-name: "{{ item.net_name }}" - security_groups: "{{ item.security_groups }}" - auto_floating_ip: yes - meta: - group: infra - infra_type: "{{ item.infra_type }}" - validate_certs: "{{ os_validate_certs }}" - with_items: infra_servers - -- name: Create volumes - os_volume: - state: present - cloud: "{{ item.os_client_config_cloud | default(os_client_config_cloud) }}" - display_name: "{{ item.1.name }}" - size: "{{ item.1.size }}" - validate_certs: "{{ os_validate_certs }}" - with_subelements: - - infra_servers - - volumes - - { skip_missing: yes } - -- name: Attach volumes - os_server_volume: - state: present - cloud: "{{ item.os_client_config_cloud | default(os_client_config_cloud) }}" - server: "{{ item.0.name }}.{{ domainname }}" - volume: "{{ item.1.name }}" - validate_certs: "{{ os_validate_certs }}" - with_subelements: - - infra_servers - - volumes - - { skip_missing: yes } diff --git a/run.sh b/run.sh index 867972d..47bb71b 100755 --- a/run.sh +++ b/run.sh @@ -1,3 +1,3 @@ #!/bin/bash -ansible-playbook -i hosts setup_openstack_resources.yml -e "@infra_config.yml" +ansible-playbook -i hosts setup_openstack_resources.yml -e "@resources.yml" ansible-playbook -i inventory/openstack.py site.yml -e "@infra_config.yml" diff --git a/setup_env.sh b/setup_env.sh index 685a3a8..700f2ae 100755 --- a/setup_env.sh +++ b/setup_env.sh @@ -40,6 +40,9 @@ if [[ ! -d inventory ]]; then mkdir inventory fi +# Install roles dependencies from requirements.yml +ansible-galaxy install -r requirements.yml + # Install Ansible openstack inventory wget https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/openstack.py -O inventory/openstack.py chmod +x inventory/openstack.py diff --git a/setup_openstack_resources.yml b/setup_openstack_resources.yml index abfc04a..f83989f 100644 --- a/setup_openstack_resources.yml +++ b/setup_openstack_resources.yml @@ -3,4 +3,4 @@ - hosts: localhost connection: local roles: - - { role: setup_openstack_resources } + - { role: cloud_launcher } diff --git a/tox.ini b/tox.ini index e18ee6c..c659491 100644 --- a/tox.ini +++ b/tox.ini @@ -14,4 +14,5 @@ deps = -r{toxinidir}/requirements.txt changedir = {toxinidir} commands = /usr/bin/wget -N https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/openstack.py - /bin/bash -c "/usr/bin/find -maxdepth 1 -name '*.yml' ! -name 'infra_config.yml'| /usr/bin/xargs -n1 ansible-playbook --syntax-check --list-tasks -i hosts" + ansible-galaxy install -r requirements.yml + /bin/bash -c "/usr/bin/find -maxdepth 1 -name '*.yml' ! -name 'infra_config.yml' ! -name 'requirements.yml' | /usr/bin/xargs -n1 ansible-playbook --syntax-check --list-tasks -i hosts"