Switch the provisioning step to the cloud launcher role

I've been slowly decoupling the provisioning role from infra-ansible into its own role: http://git.openstack.org/cgit/openstack/ansible-role-cloud-launcher Now that it has feature parity and it is gating in OpenStack CI, just use it and remove setup_openstack_resources roles. Change-Id: I4810d0bdb57cf1f069f20fb133f5f2afe15e4e87
2016-06-06 08:41:46 +00:00 · 2016-06-06 08:41:46 +00:00 · efd0234300
commit efd0234300
parent 973ecb7bac
13 changed files with 192 additions and 108 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,5 +1,5 @@
 venv/
-infra_config.yml
+resources.yml
 inventory/openstack.py
 .tox
 *.retry
--- a/README.md
+++ b/README.md
@ -3,14 +3,14 @@ Instructions

 1. Run ``source setup_env.sh``
 3. Source your OpenStack cloud environment variables rc file
-3. Run ``cp infra_config.yml.sample infra_config.yml``
-4. Edit infra_config.yml and put your environment values
+3. Run ``cp resources.yml.sample resources.yml``
+4. Edit resources.yml and put your environment values
 5. Run ``bash run.sh``

 Notes
 =====

-In infra_config.yml you may specify public key file instead of public key content, in the following way:
+In resources.yml you may specify public key file instead of public key content, in the following way:

    keypairs:
      - name: my_key_file
--- a/ansible.cfg
+++ b/ansible.cfg
@ -1,2 +1,3 @@
 [defaults]
 host_key_checking=no
+roles_path=./roles
--- a/infra_config.yml.sample
+++ b/infra_config.yml.sample
@ -1,44 +0,0 @@
---
-os_client_config_cloud: envvars
-system_config_repo_url: git@your_git_server/system-config.git
-key_name: your_openstack_key_name
-domainname: yourdomain
-keypairs:
-  - name: my_key_name
-    public_key: my_public_key_content
-infra_servers:
-  - name: puppetmaster
-    image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633
-    flavor: standard.small
-    net_name: your_neutron_network
-    security_groups: default
-    infra_type: puppetmaster
-  - name: zuul
-    image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633
-    flavor: standard.small
-    net_name: your_neutron_network
-    security_groups: default
-    infra_type: zuul
-  - name: jenkins
-    image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633
-    flavor: standard.medium
-    net_name: your_neutron_network
-    security_groups: "default,webserver"
-    infra_type: jenkins
-  - name: gerrit
-    image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633
-    flavor: standard.large
-    net_name: your_neutron_network
-    security_groups: "default,webserver"
-    infra_type: gerrit
-    volumes:
-      - name: gerrit_volume
-        size: 40
-      - name: gerrit_volume2
-        size: 60
-  - name: nodepool
-    image: 9d25fe2d-cf31-4b05-8c58-f238ec78e633
-    flavor: standard.small
-    net_name: your_neutron_network
-    security_groups: default
-    infra_type: nodepool
--- a/requirements.txt
+++ b/requirements.txt
@ -1,3 +1,3 @@
-ansible==2.0.0.2
+ansible==2.1.0
 shade
 jinja2
--- a/requirements.yml
+++ b/requirements.yml
@ -0,0 +1,3 @@
+- src: git+git://git.openstack.org/openstack/ansible-role-cloud-launcher.git
+  version: HEAD
+  name: cloud_launcher
--- a/resources.yml.sample
+++ b/resources.yml.sample
@ -0,0 +1,176 @@
+profiles:
+  - name: admin-clouds
+    domains:
+      - name: ops
+        description: Ops team domain
+      - name: qa
+        description: QA team domain
+      - name: rnd
+        description: R&D team domain
+    projects:
+      - name: ops
+        domain: ops
+        description: Ops team project
+      - name: qa
+        domain: qa
+        description: QA team project
+      - name: rnd
+        domain: rnd
+        description: RnD team project
+    users:
+      - name: opsadmin
+        password: changeme
+        email: opsadmin@aoclcompany.aocl
+        domain: ops
+        default_project: ops
+      - name: qaadmin
+        password: changeme
+        email: qaadmin@aoclcompany.aocl
+        domain: qa
+        default_project: qa
+      - name: rndadmin
+        password: changeme
+        email: rndadmin@aoclcompany.aocl
+        domain: rnd
+        default_project: rnd
+    flavors:
+      - name: aoclcompany.xlarge
+        ram: 128
+        vcpus: 1
+        disk: 0
+      - name: aoclcompany.large
+        ram: 64
+        vcpus: 1
+        disk: 0
+    images:
+      - name: ubuntu-trusty
+        filename: /home/ubuntu/trusty-server-cloudimg-amd64-disk1.img
+  - name: ops
+    networks:
+      - name: ops-net
+    subnets:
+      - name: ops-subnet
+        network_name: ops-net
+        cidr: 192.168.0.0/24
+        dns_nameservers:
+          - 8.8.8.8
+    routers:
+      - name: ops-router
+        network: public
+        interfaces: ops-subnet
+    security_groups:
+      - name: webserver
+        description: Allow HTTP/HTTPS traffic
+    images:
+      - name: ubuntu-trusty
+        filename: /home/ubuntu/trusty-server-cloudimg-amd64-disk1.img
+    security_groups_rules:
+      - security_group: webserver
+        protocol: tcp
+        port_range_min: 80
+        port_range_max: 80
+        remote_ip_prefix: 0.0.0.0/0
+      - security_group: webserver
+        protocol: tcp
+        port_range_min: 443
+        port_range_max: 443
+        remote_ip_prefix: 0.0.0.0/0
+    servers:
+      - name: nagios
+        image: ubuntu-trusty
+        key_name: bootstrap-key
+        flavor: m1.small
+        security_groups: webserver
+        network: ops-net
+  - name: qa
+    networks:
+      - name: qa-net
+    subnets:
+      - name: qa-subnet
+        network_name: qa-net
+        cidr: 192.168.1.0/24
+        dns_nameservers:
+          - 8.8.8.8
+    routers:
+      - name: qa-router
+        network: public
+        interfaces: qa-subnet
+    security_groups:
+      - name: webserver
+        description: Allow HTTP/HTTPS traffic
+      - name: altwebserver
+        description: Allow 8080 traffic
+    security_groups_rules:
+      - security_group: webserver
+        protocol: tcp
+        port_range_min: 80
+        port_range_max: 80
+        remote_ip_prefix: 0.0.0.0/0
+      - security_group: webserver
+        protocol: tcp
+        port_range_min: 443
+        port_range_max: 443
+        remote_ip_prefix: 0.0.0.0/0
+      - security_group: altwebserver
+        protocol: tcp
+        port_range_min: 8080
+        port_range_max: 8080
+        remote_ip_prefix: 0.0.0.0/0
+    servers:
+      - name: jenkins
+        image: cirros-0.3.4-x86_64-uec
+        key_name: bootstrap-key
+        flavor: m1.tiny
+        security_groups: altwebserver
+        network: qa-net
+  - name: rnd
+    networks:
+      - name: rnd-net
+    subnets:
+      - name: rnd-subnet
+        network_name: rnd-net
+        cidr: 192.168.2.0/24
+        dns_nameservers:
+          - 8.8.8.8
+    routers:
+      - name: rnd-router
+        network: public
+        interfaces: rnd-subnet
+    security_groups:
+      - name: openwide
+        description: Allow all traffic
+    security_groups_rules:
+      - security_group: openwide
+        protocol: tcp
+        remote_ip_prefix: 0.0.0.0/0
+    servers:
+      - name: docker-registry
+        image: cirros-0.3.4-x86_64-uec
+        key_name: bootstrap-key
+        flavor: m1.tiny
+        security_groups: openwide
+        network: rnd-net
+  - name: bootstrap-keypair
+    keypairs:
+      - name: bootstrap-key
+        public_key_file: /home/ubuntu/.ssh/id_rsa.pub
+clouds:
+  - name: awesomecloud
+    profiles:
+      - admin-clouds
+      - bootstrap-keypair
+  - name: yaycloud-ops
+    oscc_cloud: yaycloud-opsuser
+    profiles:
+      - bootstrap-keypair
+      - ops
+  - name: yaycloud-qa
+    oscc_cloud: yaycloud-qauser
+    profiles:
+      - bootstrap-keypair
+      - qa
+  - name: yaycloud-rnd
+    oscc_cloud: yaycloud-rnduser
+    profiles:
+      - bootstrap-keypair
+      - rnd
--- a/roles/setup_openstack_resources/defaults/main.yml
+++ b/roles/setup_openstack_resources/defaults/main.yml
@ -1,3 +0,0 @@
---
-os_client_config_cloud: envvars
-os_validate_certs: no
--- a/roles/setup_openstack_resources/tasks/main.yml
+++ b/roles/setup_openstack_resources/tasks/main.yml
@ -1,53 +0,0 @@
---
- name: Create keypairs
-  os_keypair:
-    state: present
-    cloud: "{{ item.os_client_config_cloud | default(os_client_config_cloud) }}"
-    name: "{{ item.name | default(key_name) }}"
-    public_key: "{{ item.public_key | default(omit) }}"
-    public_key_file: "{{ item.public_key_file | default(omit) }}"
-    validate_certs: "{{ os_validate_certs }}"
-  with_items: keypairs
-
- name: Create instances
-  os_server:
-    state: present
-    cloud: "{{ item.os_client_config_cloud | default(os_client_config_cloud) }}"
-    name: "{{ item.name }}.{{ domainname }}"
-    image: "{{ item.image }}"
-    key_name: "{{ key_name }}"
-    timeout: 200
-    flavor: "{{ item.flavor }}"
-    nics:
-      - net-name: "{{ item.net_name }}"
-    security_groups: "{{ item.security_groups }}"
-    auto_floating_ip: yes
-    meta:
-      group: infra
-      infra_type: "{{ item.infra_type }}"
-    validate_certs: "{{ os_validate_certs }}"
-  with_items: infra_servers
-
- name: Create volumes
-  os_volume:
-    state: present
-    cloud: "{{ item.os_client_config_cloud | default(os_client_config_cloud) }}"
-    display_name: "{{ item.1.name }}"
-    size: "{{ item.1.size }}"
-    validate_certs: "{{ os_validate_certs }}"
-  with_subelements:
-    - infra_servers
-    - volumes
-    - { skip_missing: yes }
-
- name: Attach volumes
-  os_server_volume:
-    state: present
-    cloud: "{{ item.os_client_config_cloud | default(os_client_config_cloud) }}"
-    server: "{{ item.0.name }}.{{ domainname }}"
-    volume: "{{ item.1.name }}"
-    validate_certs: "{{ os_validate_certs }}"
-  with_subelements:
-    - infra_servers
-    - volumes
-    - { skip_missing: yes }
--- a/run.sh
+++ b/run.sh
@ -1,3 +1,3 @@
 #!/bin/bash
-ansible-playbook -i hosts setup_openstack_resources.yml -e "@infra_config.yml"
+ansible-playbook -i hosts setup_openstack_resources.yml -e "@resources.yml"
 ansible-playbook -i inventory/openstack.py site.yml -e "@infra_config.yml"
--- a/setup_env.sh
+++ b/setup_env.sh
@ -40,6 +40,9 @@ if [[ ! -d inventory ]]; then
    mkdir inventory
 fi

+# Install roles dependencies from requirements.yml
+ansible-galaxy install -r requirements.yml
+
 # Install Ansible openstack inventory
 wget https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/openstack.py -O inventory/openstack.py
 chmod +x inventory/openstack.py
--- a/setup_openstack_resources.yml
+++ b/setup_openstack_resources.yml
@ -3,4 +3,4 @@
 - hosts: localhost
  connection: local
  roles:
-    - { role: setup_openstack_resources }
+    - { role: cloud_launcher }
--- a/tox.ini
+++ b/tox.ini
@ -14,4 +14,5 @@ deps = -r{toxinidir}/requirements.txt
 changedir = {toxinidir}
 commands =
    /usr/bin/wget -N https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/openstack.py
-    /bin/bash -c "/usr/bin/find -maxdepth 1 -name '*.yml' ! -name 'infra_config.yml'| /usr/bin/xargs -n1  ansible-playbook --syntax-check --list-tasks -i hosts"
+    ansible-galaxy install -r requirements.yml
+    /bin/bash -c "/usr/bin/find -maxdepth 1 -name '*.yml' ! -name 'infra_config.yml' ! -name 'requirements.yml' | /usr/bin/xargs -n1  ansible-playbook --syntax-check --list-tasks -i hosts"