Diffstat (limited to 'roles/openstack-stack')
-rw-r--r--roles/openstack-stack/defaults/main.yml10
-rw-r--r--roles/openstack-stack/tasks/main.yml59
-rw-r--r--roles/openstack-stack/templates/heat_stack.yaml.j2 (renamed from roles/openstack-stack/files/heat_stack.yaml)383
-rw-r--r--roles/openstack-stack/templates/heat_stack_server.yaml.j2 (renamed from roles/openstack-stack/files/heat_stack_server.yaml)18
-rw-r--r--roles/openstack-stack/templates/user_data.j2 (renamed from roles/openstack-stack/files/user-data)0
5 files changed, 184 insertions, 286 deletions
diff --git a/roles/openstack-stack/defaults/main.yml b/roles/openstack-stack/defaults/main.yml
new file mode 100644
index 000000000..8aefe039d
--- /dev/null
+++ b/roles/openstack-stack/defaults/main.yml
@@ -0,0 +1,10 @@
+---
+dns_volume_size: 1
+ssh_ingress_cidr: 0.0.0.0/0
+node_ingress_cidr: 0.0.0.0/0
+num_etcd: 0
+num_masters: 1
+num_nodes: 1
+num_dns: 1
+num_infra: 1
+etcd_volume_size: 2
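Review bot: `ssh_ingress_cidr: 0.0.0.0/0` leaves port 22 on the master, etcd, node and DNS security groups open to any source unless the operator overrides it. `node_ingress_cidr: 0.0.0.0/0` does the same for the 30000-32767 node ports and for DNS on port 53. The removed Heat parameters had the same defaults, so behaviour is unchanged, but a role default is what most deployments will inherit. Consider leaving `ssh_ingress_cidr` without a default so the role fails until a management CIDR is supplied, or at least add a comment above it such as `# world-open by default; set to your admin network`. Quoting both values (`'0.0.0.0/0'`) would also keep them strings under any loader.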
diff --git a/roles/openstack-stack/tasks/main.yml b/roles/openstack-stack/tasks/main.yml
index efee08c0e..71c7bbe0d 100644
--- a/roles/openstack-stack/tasks/main.yml
+++ b/roles/openstack-stack/tasks/main.yml
@@ -1,34 +1,41 @@
---
+- name: create HOT stack template prefix
+ register: stack_template_pre
+ tempfile:
+ state: directory
+ prefix: casl-ansible
+
+- name: set template paths
+ set_fact:
+ stack_template_path: "{{ stack_template_pre.path }}/stack.yaml"
+ server_template_path: "{{ stack_template_pre.path }}/server.yaml"
+ user_data_template_path: "{{ stack_template_pre.path }}/user-data"
+
+- name: generate HOT stack template from jinja2 template
+ template:
+ src: heat_stack.yaml.j2
+ dest: "{{ stack_template_path }}"
+
+- name: generate HOT server template from jinja2 template
+ template:
+ src: heat_stack_server.yaml.j2
+ dest: "{{ server_template_path }}"
+
+- name: generate user_data from jinja2 template
+ template:
+ src: user_data.j2
+ dest: "{{ user_data_template_path }}"
+
- name: create stack
ignore_errors: False
register: stack_create
os_stack:
name: "{{ stack_name }}"
state: present
- template: 'roles/openstack-stack/files/heat_stack.yaml'
+ template: "{{ stack_template_path }}"
wait: yes
- parameters:
- cluster_env: "{{ dns_domain }}"
- cluster_id: "{{ stack_name }}"
- subnet_24_prefix: "{{ subnet_prefix }}"
- dns_nameservers: "{{ dns_nameservers }}"
- external_net: "{{ external_network }}"
- ssh_public_key: "{{ ssh_public_key }}"
- num_etcd: "{{ num_etcd }}"
- num_masters: "{{ num_masters }}"
- num_nodes: "{{ num_nodes }}"
- num_infra: "{{ num_infra }}"
- num_dns: "{{ num_dns }}"
- etcd_image: "{{ openstack_image }}"
- master_image: "{{ openstack_image }}"
- node_image: "{{ openstack_image }}"
- infra_image: "{{ openstack_image }}"
- dns_image: "{{ openstack_image }}"
- etcd_flavor: "{{ etcd_flavor }}"
- master_flavor: "{{ master_flavor }}"
- node_flavor: "{{ node_flavor }}"
- infra_flavor: "{{ infra_flavor }}"
- dns_flavor: "{{ dns_flavor }}"
- master_volume_size: "{{ master_volume_size }}"
- app_volume_size: "{{ app_volume_size }}"
- infra_volume_size: "{{ infra_volume_size }}"
+
+- name: cleanup temp files
+ file:
+ path: "{{ stack_template_pre.path }}"
+ state: absent
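Review bot: The `cleanup temp files` task only runs when every task before it succeeds, so a failed `create stack` (which has `ignore_errors: False`) leaves the rendered stack template, server template and user-data in the temporary directory on the control host. Wrapping the render and create tasks in a `block` and moving the cleanup into its `always` section removes the directory on both paths. It is also worth confirming the permissions on the rendered files if `user_data.j2` ever carries credentials.

```yaml
- name: render templates and create stack
  block:
    # … unchanged: set template paths, the three template tasks, create stack …
  always:
    - name: cleanup temp files
      file:
        path: "{{ stack_template_pre.path }}"
        state: absent
```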
diff --git a/roles/openstack-stack/files/heat_stack.yaml b/roles/openstack-stack/templates/heat_stack.yaml.j2
index 058f7a7ad..bc9547f66 100644
--- a/roles/openstack-stack/files/heat_stack.yaml
+++ b/roles/openstack-stack/templates/heat_stack.yaml.j2
@@ -1,168 +1,9 @@
-heat_template_version: 2014-10-16
+heat_template_version: 2016-10-14
description: OpenShift cluster
parameters:
- cluster_env:
- type: string
- label: Cluster environment
- description: Environment of the cluster
-
- cluster_id:
- type: string
- label: Cluster ID
- description: Identifier of the cluster
-
- subnet_24_prefix:
- type: string
- label: subnet /24 prefix
- description: /24 subnet prefix of the network of the cluster (dot separated number triplet)
-
- dns_nameservers:
- type: comma_delimited_list
- label: DNS nameservers list
- description: List of DNS nameservers
-
- external_net:
- type: string
- label: External network
- description: Name of the external network
- default: external
-
- ssh_public_key:
- type: string
- label: SSH public key
- description: SSH public key
- hidden: true
-
- ssh_incoming:
- type: string
- label: Source of ssh connections
- description: Source of legitimate ssh connections
- default: 0.0.0.0/0
-
- node_port_incoming:
- type: string
- label: Source of node port connections
- description: Authorized sources targetting node ports
- default: 0.0.0.0/0
-
- num_etcd:
- type: number
- label: Number of etcd nodes
- description: Number of etcd nodes
-
- num_masters:
- type: number
- label: Number of masters
- description: Number of masters
-
- num_nodes:
- type: number
- label: Number of compute nodes
- description: Number of compute nodes
-
- num_infra:
- type: number
- label: Number of infrastructure nodes
- description: Number of infrastructure nodes
-
- num_dns:
- type: number
- label: Number of dns servers
- description: Number of dns servers
-
- etcd_image:
- type: string
- label: Etcd image
- description: Name of the image for the etcd servers
-
- master_image:
- type: string
- label: Master image
- description: Name of the image for the master servers
-
- node_image:
- type: string
- label: Node image
- description: Name of the image for the compute node servers
-
- infra_image:
- type: string
- label: Infra image
- description: Name of the image for the infra node servers
-
- dns_image:
- type: string
- label: DNS image
- description: Name of the image for the DNS server
-
- etcd_flavor:
- type: string
- label: Etcd flavor
- description: Flavor of the etcd servers
-
- master_flavor:
- type: string
- label: Master flavor
- description: Flavor of the master servers
-
- node_flavor:
- type: string
- label: Node flavor
- description: Flavor of the compute node servers
-
- infra_flavor:
- type: string
- label: Infra flavor
- description: Flavor of the infra node servers
-
- dns_flavor:
- type: string
- label: DNS flavor
- description: Flavor of the DNS server
-
- master_volume_size:
- type: number
- description: Size of the volume to be created.
- default: 5
- constraints:
- - range: { min: 1, max: 1024 }
- description: must be between 1 and 1024 Gb.
-
- app_volume_size:
- type: number
- description: Size of the volume to be created.
- default: 5
- constraints:
- - range: { min: 1, max: 1024 }
- description: must be between 1 and 1024 Gb.
-
- infra_volume_size:
- type: number
- description: Size of the volume to be created.
- default: 5
- constraints:
- - range: { min: 1, max: 1024 }
- description: must be between 1 and 1024 Gb.
-
- dns_volume_size:
- type: number
- description: Size of the volume to be created.
- default: 5
- constraints:
- - range: { min: 1, max: 1024 }
- description: must be between 1 and 1024 Gb.
-
- etcd_volume_size:
- type: number
- description: Size of the volume to be created.
- default: 5
- constraints:
- - range: { min: 1, max: 1024 }
- description: must be between 1 and 1024 Gb.
-
outputs:
etcd_names:
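Review bot: Deleting the `parameters:` section also drops the `range: { min: 1, max: 1024 }` constraints on the five `*_volume_size` values and the `type: number` checks on the `num_*` counts, and nothing on the new side replaces them. A bad inventory value is now written straight into the template and is only caught, if at all, inside Heat. An `assert` task placed before the template rendering in tasks/main.yml would restore the check, with conditions such as `etcd_volume_size | int >= 1` and `etcd_volume_size | int <= 1024` for each volume size.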
@@ -229,7 +70,7 @@ outputs:
- str_replace:
template: openshift-ansible-cluster_id-net
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
- 1
- addr
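Review bot: `cluster_id: {{ stack_name }}` writes the variable into the Heat template as raw text. A value containing `: `, ` #`, a newline or a leading `{`/`[` therefore changes the structure of the rendered YAML instead of arriving as a string, which the old `{ get_param: cluster_id }` lookup could not do. Emit strings as quoted scalars, e.g. `cluster_id: {{ stack_name | to_json }}`, and coerce numeric fields, e.g. `count: {{ num_etcd | int }}`. The same pattern recurs in every later hunk of this file, on the `subnet_24_prefix`, `remote_ip_prefix`, `network`, `image`, `flavor`, `key_name`, `floating_network`, `count` and `volume_size` lines. The enclosing `outputs` entry starts outside this hunk.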
@@ -242,7 +83,7 @@ resources:
str_replace:
template: openshift-ansible-cluster_id-net
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
subnet:
type: OS::Neutron::Subnet
@@ -251,31 +92,28 @@ resources:
str_replace:
template: openshift-ansible-cluster_id-subnet
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
network: { get_resource: net }
cidr:
str_replace:
template: subnet_24_prefix.0/24
params:
- subnet_24_prefix: { get_param: subnet_24_prefix }
+ subnet_24_prefix: {{ subnet_prefix }}
allocation_pools:
- start:
str_replace:
template: subnet_24_prefix.3
params:
- subnet_24_prefix: { get_param: subnet_24_prefix }
+ subnet_24_prefix: {{ subnet_prefix }}
end:
str_replace:
template: subnet_24_prefix.254
params:
- subnet_24_prefix: { get_param: subnet_24_prefix }
+ subnet_24_prefix: {{ subnet_prefix }}
dns_nameservers:
- - 10.9.48.31
-# - { get_param: dns_nameservers }
-# repeat:
-# for_each:
-# <%nameserver%>: { get_param: dns_nameservers }
-# template: <%nameserver%>
+ {% for nameserver in dns_nameservers %}
+ - {{ nameserver }}
+ {% endfor %}
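Review bot: The `{% for nameserver in dns_nameservers %}` loop assumes `dns_nameservers` is a list, but the removed Heat parameter was a `comma_delimited_list` and the old task passed the variable straight through. Existing inventories may therefore define it as a comma-separated string, which Jinja would iterate character by character, rendering one list item per character. Either state the list requirement next to the variable in defaults/main.yml or normalise it in the template, e.g. `{% for nameserver in (dns_nameservers.split(',') if dns_nameservers is string else dns_nameservers) %}`. The defaults file added in this commit gives `dns_nameservers` no value, so an inventory that omits it will presumably fail at render time. The `subnet` resource starts outside this hunk.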
router:
type: OS::Neutron::Router
@@ -284,9 +122,9 @@ resources:
str_replace:
template: openshift-ansible-cluster_id-router
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
external_gateway_info:
- network: { get_param: external_net }
+ network: {{ external_network }}
interface:
type: OS::Neutron::RouterInterface
@@ -301,8 +139,8 @@ resources:
# str_replace:
# template: openshift-ansible-cluster_id-keypair
# params:
-# cluster_id: { get_param: cluster_id }
-# public_key: { get_param: ssh_public_key }
+# cluster_id: {{ stack_name }}
+# public_key: {{ ssh_public_key }}
master-secgrp:
type: OS::Neutron::SecurityGroup
@@ -311,18 +149,18 @@ resources:
str_replace:
template: openshift-ansible-cluster_id-master-secgrp
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
description:
str_replace:
template: Security group for cluster_id OpenShift cluster master
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
rules:
- direction: ingress
protocol: tcp
port_range_min: 22
port_range_max: 22
- remote_ip_prefix: { get_param: ssh_incoming }
+ remote_ip_prefix: {{ ssh_ingress_cidr }}
- direction: ingress
protocol: tcp
port_range_min: 4001
@@ -383,18 +221,18 @@ resources:
str_replace:
template: openshift-ansible-cluster_id-etcd-secgrp
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
description:
str_replace:
template: Security group for cluster_id etcd cluster
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
rules:
- direction: ingress
protocol: tcp
port_range_min: 22
port_range_max: 22
- remote_ip_prefix: { get_param: ssh_incoming }
+ remote_ip_prefix: {{ ssh_ingress_cidr }}
- direction: ingress
protocol: tcp
port_range_min: 2379
@@ -414,18 +252,18 @@ resources:
str_replace:
template: openshift-ansible-cluster_id-node-secgrp
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
description:
str_replace:
template: Security group for cluster_id OpenShift cluster nodes
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
rules:
- direction: ingress
protocol: tcp
port_range_min: 22
port_range_max: 22
- remote_ip_prefix: { get_param: ssh_incoming }
+ remote_ip_prefix: {{ ssh_ingress_cidr }}
- direction: ingress
protocol: tcp
port_range_min: 10250
@@ -450,7 +288,7 @@ resources:
protocol: tcp
port_range_min: 30000
port_range_max: 32767
- remote_ip_prefix: { get_param: node_port_incoming }
+ remote_ip_prefix: {{ node_ingress_cidr }}
infra-secgrp:
type: OS::Neutron::SecurityGroup
@@ -459,12 +297,12 @@ resources:
str_replace:
template: openshift-ansible-cluster_id-infra-secgrp
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
description:
str_replace:
template: Security group for cluster_id OpenShift infrastructure cluster nodes
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
rules:
- direction: ingress
protocol: tcp
@@ -482,203 +320,232 @@ resources:
str_replace:
template: openshift-ansible-cluster_id-dns-secgrp
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
description:
str_replace:
template: Security group for cluster_id cluster DNS
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
rules:
- direction: ingress
protocol: tcp
port_range_min: 22
port_range_max: 22
- remote_ip_prefix: { get_param: ssh_incoming }
+ remote_ip_prefix: {{ ssh_ingress_cidr }}
- direction: ingress
protocol: udp
port_range_min: 53
port_range_max: 53
- remote_ip_prefix: { get_param: node_port_incoming }
+ remote_ip_prefix: {{ node_ingress_cidr }}
- direction: ingress
protocol: tcp
port_range_min: 53
port_range_max: 53
- remote_ip_prefix: { get_param: node_port_incoming }
+ remote_ip_prefix: {{ node_ingress_cidr }}
etcd:
type: OS::Heat::ResourceGroup
properties:
- count: { get_param: num_etcd }
+ count: {{ num_etcd }}
resource_def:
- type: heat_stack_server.yaml
+ type: server.yaml
properties:
name:
str_replace:
- template: k8s_type-%index%.cluster_id.cluster_env
+ template: k8s_type-%index%.cluster_id
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
k8s_type: etcd
- cluster_env: { get_param: cluster_env }
- cluster_env: { get_param: cluster_env }
- cluster_id: { get_param: cluster_id }
+ cluster_env: {{ dns_domain }}
+ cluster_id: {{ stack_name }}
+ group:
+ str_replace:
+ template: k8s_type.cluster_id
+ params:
+ k8s_type: etcds
+ cluster_id: {{ stack_name }}
type: etcd
- image: { get_param: etcd_image }
- flavor: { get_param: etcd_flavor }
- key_name: { get_param: ssh_public_key }
+ image: {{ openstack_image }}
+ flavor: {{ etcd_flavor }}
+ key_name: {{ ssh_public_key }}
net: { get_resource: net }
subnet: { get_resource: subnet }
secgrp:
- { get_resource: etcd-secgrp }
- floating_network: { get_param: external_net }
+ floating_network: {{ external_network }}
net_name:
str_replace:
template: openshift-ansible-cluster_id-net
params:
- cluster_id: { get_param: cluster_id }
- volume_size: { get_param: etcd_volume_size }
+ cluster_id: {{ stack_name }}
+ volume_size: {{ etcd_volume_size }}
depends_on:
- interface
masters:
type: OS::Heat::ResourceGroup
properties:
- count: { get_param: num_masters }
+ count: {{ num_masters }}
resource_def:
- type: heat_stack_server.yaml
+ type: server.yaml
properties:
name:
str_replace:
- template: k8s_type-%index%.cluster_id.cluster_env
+ template: k8s_type-%index%.cluster_id
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
k8s_type: master
- cluster_env: { get_param: cluster_env }
- cluster_env: { get_param: cluster_env }
- cluster_id: { get_param: cluster_id }
+ cluster_env: {{ dns_domain }}
+ cluster_id: {{ stack_name }}
+ group:
+ str_replace:
+ template: k8s_type.cluster_id
+ params:
+ k8s_type: masters
+ cluster_id: {{ stack_name }}
type: master
- image: { get_param: master_image }
- flavor: { get_param: master_flavor }
- key_name: { get_param: ssh_public_key }
+ image: {{ openstack_image }}
+ flavor: {{ master_flavor }}
+ key_name: {{ ssh_public_key }}
net: { get_resource: net }
subnet: { get_resource: subnet }
secgrp:
- { get_resource: master-secgrp }
- { get_resource: node-secgrp }
- floating_network: { get_param: external_net }
+ floating_network: {{ external_network }}
net_name:
str_replace:
template: openshift-ansible-cluster_id-net
params:
- cluster_id: { get_param: cluster_id }
- volume_size: { get_param: master_volume_size }
+ cluster_id: {{ stack_name }}
+ volume_size: {{ master_volume_size }}
depends_on:
- interface
compute_nodes:
type: OS::Heat::ResourceGroup
properties:
- count: { get_param: num_nodes }
+ count: {{ num_nodes }}
resource_def:
- type: heat_stack_server.yaml
+ type: server.yaml
properties:
name:
str_replace:
- template: subtype-k8s_type-%index%.cluster_id.cluster_env
+ template: subtype-k8s_type-%index%.cluster_id
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
k8s_type: node
subtype: app
- cluster_env: { get_param: cluster_env }
- cluster_env: { get_param: cluster_env }
- cluster_id: { get_param: cluster_id }
+ cluster_env: {{ dns_domain }}
+ cluster_id: {{ stack_name }}
+ group:
+ str_replace:
+ template: k8s_type.cluster_id
+ params:
+ k8s_type: nodes
+ cluster_id: {{ stack_name }}
type: node
subtype: app
- image: { get_param: node_image }
- flavor: { get_param: node_flavor }
- key_name: { get_param: ssh_public_key }
+ node_labels:
+ region: primary
+ image: {{ openstack_image }}
+ flavor: {{ node_flavor }}
+ key_name: {{ ssh_public_key }}
net: { get_resource: net }
subnet: { get_resource: subnet }
secgrp:
- { get_resource: node-secgrp }
- floating_network: { get_param: external_net }
+ floating_network: {{ external_network }}
net_name:
str_replace:
template: openshift-ansible-cluster_id-net
params:
- cluster_id: { get_param: cluster_id }
- volume_size: { get_param: app_volume_size }
+ cluster_id: {{ stack_name }}
+ volume_size: {{ app_volume_size }}
depends_on:
- interface
infra_nodes:
type: OS::Heat::ResourceGroup
properties:
- count: { get_param: num_infra }
+ count: {{ num_infra }}
resource_def:
- type: heat_stack_server.yaml
+ type: server.yaml
properties:
name:
str_replace:
- template: subtypek8s_type-%index%.cluster_id.cluster_env
+ template: subtypek8s_type-%index%.cluster_id
params:
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
k8s_type: node
subtype: infra
- cluster_env: { get_param: cluster_env }
- cluster_env: { get_param: cluster_env }
- cluster_id: { get_param: cluster_id }
+ cluster_env: {{ dns_domain }}
+ cluster_id: {{ stack_name }}
+ group:
+ str_replace:
+ template: k8s_type.cluster_id
+ params:
+ k8s_type: infra
+ cluster_id: {{ stack_name }}
type: node
subtype: infra
- image: { get_param: infra_image }
- flavor: { get_param: infra_flavor }
- key_name: { get_param: ssh_public_key }
+ node_labels:
+ region: infra
+ image: {{ openstack_image }}
+ flavor: {{ infra_flavor }}
+ key_name: {{ ssh_public_key }}
net: { get_resource: net }
subnet: { get_resource: subnet }
secgrp:
- { get_resource: node-secgrp }
- { get_resource: infra-secgrp }
- floating_network: { get_param: external_net }
+ floating_network: {{ external_network }}
net_name:
str_replace:
template: openshift-ansible-cluster_id-net
params:
- cluster_id: { get_param: cluster_id }
- volume_size: { get_param: infra_volume_size }
+ cluster_id: {{ stack_name }}
+ volume_size: {{ infra_volume_size }}
depends_on:
- interface
dns:
type: OS::Heat::ResourceGroup
properties:
- count: { get_param: num_dns }
+ count: {{ num_dns }}
resource_def:
- type: heat_stack_server.yaml
+ type: server.yaml
properties:
name:
str_replace:
- template: k8s_type-%index%.cluster_id.cluster_env
+ template: k8s_type-%index%.cluster_id
+ params:
+ cluster_id: {{ stack_name }}
+ k8s_type: dns
+ cluster_env: {{ dns_domain }}
+ cluster_id: {{ stack_name }}
+ group:
+ str_replace:
+ template: k8s_type.cluster_id
params:
- cluster_id: { get_param: cluster_id }
k8s_type: dns
- cluster_env: { get_param: cluster_env }
- cluster_env: { get_param: cluster_env }
- cluster_id: { get_param: cluster_id }
+ cluster_id: {{ stack_name }}
type: dns
- image: { get_param: dns_image }
- flavor: { get_param: dns_flavor }
- key_name: { get_param: ssh_public_key }
+ image: {{ openstack_image }}
+ flavor: {{ dns_flavor }}
+ key_name: {{ ssh_public_key }}
net: { get_resource: net }
subnet: { get_resource: subnet }
secgrp:
- { get_resource: node-secgrp }
- { get_resource: dns-secgrp }
- floating_network: { get_param: external_net }
+ floating_network: {{ external_network }}
net_name:
str_replace:
template: openshift-ansible-cluster_id-net
params:
- cluster_id: { get_param: cluster_id }
- volume_size: { get_param: dns_volume_size }
+ cluster_id: {{ stack_name }}
+ volume_size: {{ dns_volume_size }}
depends_on:
- interface
diff --git a/roles/openstack-stack/files/heat_stack_server.yaml b/roles/openstack-stack/templates/heat_stack_server.yaml.j2
index 978da4f0b..5851d3b9b 100644
--- a/roles/openstack-stack/files/heat_stack_server.yaml
+++ b/roles/openstack-stack/templates/heat_stack_server.yaml.j2
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: 2016-10-14
description: OpenShift cluster server
@@ -9,6 +9,12 @@ parameters:
label: Name
description: Name
+ group:
+ type: string
+ label: Host Group
+ description: The Primary Ansible Host Group
+ default: host
+
cluster_env:
type: string
label: Cluster environment
@@ -83,6 +89,11 @@ parameters:
- range: { min: 1, max: 1024 }
description: must be between 1 and 1024 Gb.
+ node_labels:
+ type: json
+ description: OpenShift Node Labels
+ default: {"region": "default" }
+
outputs:
name:
@@ -120,13 +131,16 @@ resources:
flavor: { get_param: flavor }
networks:
- port: { get_resource: port }
- user_data: { get_file: user-data }
+ user_data:
+ get_file: user-data
user_data_format: RAW
metadata:
+ group: { get_param: group }
environment: { get_param: cluster_env }
clusterid: { get_param: cluster_id }
host-type: { get_param: type }
sub-host-type: { get_param: subtype }
+ node_labels: { get_param: node_labels }
port:
type: OS::Neutron::Port
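Review bot: `get_file: user-data` has no comment tying it to the file that tasks/main.yml now renders as `{{ stack_template_pre.path }}/user-data`. The parent template's `type: server.yaml` depends on `server_template_path` in the same way. These names are coupled across three files and presumably resolve relative to the rendered template's directory. A comment above the `get_file` line, such as `# rendered beside this template by tasks/main.yml (user_data_template_path)`, would keep a later rename from silently breaking stack creation. The `server` resource starts outside this hunk.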
diff --git a/roles/openstack-stack/files/user-data b/roles/openstack-stack/templates/user_data.j2
index eb65f7cec..eb65f7cec 100644
--- a/roles/openstack-stack/files/user-data
+++ b/roles/openstack-stack/templates/user_data.j2