From 11b48fe4e237950f9d9e9a0e66d8b15f48be1ea0 Mon Sep 17 00:00:00 2001 From: Eric Sauer Date: Wed, 21 Dec 2016 10:37:40 -0500 Subject: Openstack heat (#2) * Adding a role to invoke openstack heat * Adding readme * Pulling parameters out to inventory file * start of end-to-end playbook * More enhancements and refactoring to make dynamic inventory the driver for an openshift install * Switching to variable substituted path to config.yaml playbook * Changes to allow defining of number of nodes/infranodes. * Added labels to inventory * Start of end-to-end functionality * Enhancements to support openstack heat provisioning * Updating inventory sample to remove some deprecation warnings * Working towards making the secure-registry role 'become' aware * Fixing node labels and removing secure-registry as it's no longer needed * No longer need insecure registry line, as installer will secure our registry * Adjusted dynamic inventory to filter by clusterid * Minor updates to dynamic inventory bug * Adding a refactored sample inventory directory * Refactoring playbooks for better directory structure, and to narrow down host groups * Adding volume mounts to heat template * Moving dns playbooks back to original location * Fixing incorrect file path * Cleaning up inventory samples * One more hostname to clean up * Changing var name * changed openshift-provision to openshift-prep * Adjusting current provision script to avoid breakage by new openstack-heat code --- roles/openstack-stack/tasks/main.yml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 roles/openstack-stack/tasks/main.yml (limited to 'roles/openstack-stack/tasks') diff --git a/roles/openstack-stack/tasks/main.yml b/roles/openstack-stack/tasks/main.yml new file mode 100644 index 000000000..c953cb603 --- /dev/null +++ b/roles/openstack-stack/tasks/main.yml @@ -0,0 +1,31 @@ +--- +- name: create stack + ignore_errors: False + register: stack_create + os_stack: + name: "{{ stack_name }}" + state: present + template: 'roles/openstack-stack/files/heat_stack.yaml' + wait: yes + parameters: + cluster_env: "{{ dns_domain }}" + cluster_id: "{{ stack_name }}" + subnet_24_prefix: "{{ subnet_prefix }}" + dns_nameservers: "{{ dns_nameservers }}" + external_net: "{{ external_network }}" + ssh_public_key: "{{ ssh_public_key }}" + num_etcd: "{{ num_etcd }}" + num_masters: "{{ num_masters }}" + num_nodes: "{{ num_nodes }}" + num_infra: "{{ num_infra }}" + num_dns: "{{ num_dns }}" + etcd_image: "{{ openstack_image }}" + master_image: "{{ openstack_image }}" + node_image: "{{ openstack_image }}" + infra_image: "{{ openstack_image }}" + dns_image: "{{ openstack_image }}" + etcd_flavor: "{{ etcd_flavor }}" + master_flavor: "{{ master_flavor }}" + node_flavor: "{{ node_flavor }}" + infra_flavor: "{{ infra_flavor }}" + dns_flavor: "{{ dns_flavor }}" -- cgit v1.2.3 From 3bf8df1a873785a09bf3c1827bfb5097955c5e44 Mon Sep 17 00:00:00 2001 From: Eric Sauer Date: Tue, 7 Feb 2017 01:12:58 -0500 Subject: Fixing two significant bugs in the HEAT deployment (#13) --- roles/openstack-stack/tasks/main.yml | 3 +++ 1 file changed, 3 insertions(+) (limited to 'roles/openstack-stack/tasks') diff --git a/roles/openstack-stack/tasks/main.yml b/roles/openstack-stack/tasks/main.yml index c953cb603..efee08c0e 100644 --- a/roles/openstack-stack/tasks/main.yml +++ b/roles/openstack-stack/tasks/main.yml @@ -29,3 +29,6 @@ node_flavor: "{{ node_flavor }}" infra_flavor: "{{ infra_flavor }}" dns_flavor: "{{ dns_flavor }}" + master_volume_size: "{{ master_volume_size }}" + app_volume_size: "{{ app_volume_size }}" + infra_volume_size: "{{ infra_volume_size }}" -- cgit v1.2.3 From c90d5323afc575246df2f50e9125069f3c12e81e Mon Sep 17 00:00:00 2001 From: Eric Sauer Date: Tue, 25 Apr 2017 23:17:38 -0400 Subject: Stack refactor (#38) * Refactored openstack-stack role to: - Convert static heat template files to ansible templates - Include native ansible groups via openstack metadata. This removes the need for a playbook to map host groups - Some code cleanup * Deleting commentd out code and irrelevant plays * Refactored openstack-stack role to: - Convert static heat template files to ansible templates - Include native ansible groups via openstack metadata. This removes the need for a playbook to map host groups - Some code cleanup * Deleting commentd out code and irrelevant plays * Replacing stack parameters with jinja expressions * Updating sample inventory to work with latest dynamic inventory changes * updating inventory with host group mapping. making sync keys optional * Missing cluster_hosts group * Updating to add infra_hosts * Updating inventory per comments from oybed and sabre1041 --- roles/openstack-stack/tasks/main.yml | 59 ++++++++++++++++++++---------------- 1 file changed, 33 insertions(+), 26 deletions(-) (limited to 'roles/openstack-stack/tasks') diff --git a/roles/openstack-stack/tasks/main.yml b/roles/openstack-stack/tasks/main.yml index efee08c0e..71c7bbe0d 100644 --- a/roles/openstack-stack/tasks/main.yml +++ b/roles/openstack-stack/tasks/main.yml @@ -1,34 +1,41 @@ --- +- name: create HOT stack template prefix + register: stack_template_pre + tempfile: + state: directory + prefix: casl-ansible + +- name: set template paths + set_fact: + stack_template_path: "{{ stack_template_pre.path }}/stack.yaml" + server_template_path: "{{ stack_template_pre.path }}/server.yaml" + user_data_template_path: "{{ stack_template_pre.path }}/user-data" + +- name: generate HOT stack template from jinja2 template + template: + src: heat_stack.yaml.j2 + dest: "{{ stack_template_path }}" + +- name: generate HOT server template from jinja2 template + template: + src: heat_stack_server.yaml.j2 + dest: "{{ server_template_path }}" + +- name: generate user_data from jinja2 template + template: + src: user_data.j2 + dest: "{{ user_data_template_path }}" + - name: create stack ignore_errors: False register: stack_create os_stack: name: "{{ stack_name }}" state: present - template: 'roles/openstack-stack/files/heat_stack.yaml' + template: "{{ stack_template_path }}" wait: yes - parameters: - cluster_env: "{{ dns_domain }}" - cluster_id: "{{ stack_name }}" - subnet_24_prefix: "{{ subnet_prefix }}" - dns_nameservers: "{{ dns_nameservers }}" - external_net: "{{ external_network }}" - ssh_public_key: "{{ ssh_public_key }}" - num_etcd: "{{ num_etcd }}" - num_masters: "{{ num_masters }}" - num_nodes: "{{ num_nodes }}" - num_infra: "{{ num_infra }}" - num_dns: "{{ num_dns }}" - etcd_image: "{{ openstack_image }}" - master_image: "{{ openstack_image }}" - node_image: "{{ openstack_image }}" - infra_image: "{{ openstack_image }}" - dns_image: "{{ openstack_image }}" - etcd_flavor: "{{ etcd_flavor }}" - master_flavor: "{{ master_flavor }}" - node_flavor: "{{ node_flavor }}" - infra_flavor: "{{ infra_flavor }}" - dns_flavor: "{{ dns_flavor }}" - master_volume_size: "{{ master_volume_size }}" - app_volume_size: "{{ app_volume_size }}" - infra_volume_size: "{{ infra_volume_size }}" + +- name: cleanup temp files + file: + path: "{{ stack_template_pre.path }}" + state: absent -- cgit v1.2.3 From 1409e0a52d45b7781b3a23f3f7eaa8fe09d26cd6 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Mon, 19 Jun 2017 12:24:23 +0200 Subject: Persist DNS configuration for nodes for openstack provider * Firstly, provision a Heat stack with given public resolvers. * After the DNS node configured as an authoritative server, switch the Heat stack's Neutron subnet to that resolver (private_dns_server) the way it to become the first entry pushed into the hosts /etc/resolv.conf. It will be serving the cluster domain requests for OpenShift nodes and workloads. * Drop post-provision /etc/reslov.conf nameserver hacks as not needed anymore. * Fix dns floating IPs output and add the priv IPs output as well. * Update docs, clarify localhost vs servers requirements, add required Network Manager setup step. * Use post-provision task names instead of comments. Signed-off-by: Bogdan Dobrelya --- roles/openstack-stack/tasks/main.yml | 5 +++++ roles/openstack-stack/tasks/subnet_update_dns_servers.yaml | 8 ++++++++ 2 files changed, 13 insertions(+) create mode 100644 roles/openstack-stack/tasks/subnet_update_dns_servers.yaml (limited to 'roles/openstack-stack/tasks') diff --git a/roles/openstack-stack/tasks/main.yml b/roles/openstack-stack/tasks/main.yml index 71c7bbe0d..a53e6350b 100644 --- a/roles/openstack-stack/tasks/main.yml +++ b/roles/openstack-stack/tasks/main.yml @@ -35,6 +35,11 @@ template: "{{ stack_template_path }}" wait: yes +# NOTE(bogdando) OS::Neutron::Subnet doesn't support live updates for +# dns_nameservers, so we can't do that for the "create stack" task. +- include: subnet_update_dns_servers.yaml + when: private_dns_server is defined + - name: cleanup temp files file: path: "{{ stack_template_pre.path }}" diff --git a/roles/openstack-stack/tasks/subnet_update_dns_servers.yaml b/roles/openstack-stack/tasks/subnet_update_dns_servers.yaml new file mode 100644 index 000000000..be4f07b97 --- /dev/null +++ b/roles/openstack-stack/tasks/subnet_update_dns_servers.yaml @@ -0,0 +1,8 @@ +--- +- name: Live update the subnet's DNS servers + os_subnet: + name: openshift-ansible-{{ stack_name }}-subnet + network_name: openshift-ansible-{{ stack_name }}-net + state: present + use_default_subnetpool: yes + dns_nameservers: "{{ [private_dns_server|default(public_dns_nameservers[0])]|union(public_dns_nameservers)|unique }}" -- cgit v1.2.3 From df8f5f0e251a014ab30dabd62c17e151b7fe36e8 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Wed, 12 Jul 2017 13:09:45 +0200 Subject: Options for bastion, SSH config, static inventory autogeneration * At the provisioning stage, allow users to auto-generate SSH config, when using a static inventory. * Run playbooks to provsion and post-provision as a separate, when using a bastion. This re-applies the SSH config, which ansible can't do on the fly. * Support a pre-installed bastion node, colocated with the 1st infra node. * With a bastion enabled, reduce floating IP footprint to infra and dns nodes only, effectively isolating a cluster in a private network. Signed-off-by: Bogdan Dobrelya --- roles/openstack-stack/tasks/main.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'roles/openstack-stack/tasks') diff --git a/roles/openstack-stack/tasks/main.yml b/roles/openstack-stack/tasks/main.yml index a53e6350b..9b4855294 100644 --- a/roles/openstack-stack/tasks/main.yml +++ b/roles/openstack-stack/tasks/main.yml @@ -8,7 +8,6 @@ - name: set template paths set_fact: stack_template_path: "{{ stack_template_pre.path }}/stack.yaml" - server_template_path: "{{ stack_template_pre.path }}/server.yaml" user_data_template_path: "{{ stack_template_pre.path }}/user-data" - name: generate HOT stack template from jinja2 template @@ -19,7 +18,13 @@ - name: generate HOT server template from jinja2 template template: src: heat_stack_server.yaml.j2 - dest: "{{ server_template_path }}" + dest: "{{ stack_template_pre.path }}/server.yaml" + +- name: generate HOT server w/o floating IPs template from jinja2 template + template: + src: heat_stack_server_nofloating.yaml.j2 + dest: "{{ stack_template_pre.path }}/server_nofloating.yaml" + when: use_bastion|bool - name: generate user_data from jinja2 template template: -- cgit v1.2.3 From daa0b91119d2c16860a19b4ead2d0d128f8bc5ce Mon Sep 17 00:00:00 2001 From: Tomas Sedovic Date: Wed, 6 Sep 2017 10:24:16 +0200 Subject: Allow using a provider network (#701) * Allow using a provider network This adds a new option `openstack_provider_network_name` which will take a name of an existing network and put the servers there. It will also prevent creating floating IP addresses as the provider network's IPs should already be accessible without any additional routing required. Fixes #622 * Requested changes Don't fail on external/private networks and use role defaults for the provider network. * Add missing endif --- roles/openstack-stack/tasks/subnet_update_dns_servers.yaml | 1 + 1 file changed, 1 insertion(+) (limited to 'roles/openstack-stack/tasks') diff --git a/roles/openstack-stack/tasks/subnet_update_dns_servers.yaml b/roles/openstack-stack/tasks/subnet_update_dns_servers.yaml index be4f07b97..af28fc98f 100644 --- a/roles/openstack-stack/tasks/subnet_update_dns_servers.yaml +++ b/roles/openstack-stack/tasks/subnet_update_dns_servers.yaml @@ -6,3 +6,4 @@ state: present use_default_subnetpool: yes dns_nameservers: "{{ [private_dns_server|default(public_dns_nameservers[0])]|union(public_dns_nameservers)|unique }}" + when: not provider_network -- cgit v1.2.3 From 15be1ebcf1705bc5e9347463594f50cc9d0f27b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=98ystein=20Bedin?= Date: Mon, 2 Oct 2017 21:08:45 +0000 Subject: Adding the option to use 'stack_state' to allow for easy de-provisioning (#754) * Adding 'openstack-stack-delete' role to allow for easy de-provisioning * Updated per etsauer's comments --- roles/openstack-stack/tasks/cleanup.yml | 6 +++ roles/openstack-stack/tasks/generate-templates.yml | 32 +++++++++++++ roles/openstack-stack/tasks/main.yml | 54 ++++++---------------- 3 files changed, 53 insertions(+), 39 deletions(-) create mode 100644 roles/openstack-stack/tasks/cleanup.yml create mode 100644 roles/openstack-stack/tasks/generate-templates.yml (limited to 'roles/openstack-stack/tasks') diff --git a/roles/openstack-stack/tasks/cleanup.yml b/roles/openstack-stack/tasks/cleanup.yml new file mode 100644 index 000000000..258334a6b --- /dev/null +++ b/roles/openstack-stack/tasks/cleanup.yml @@ -0,0 +1,6 @@ +--- + +- name: cleanup temp files + file: + path: "{{ stack_template_pre.path }}" + state: absent diff --git a/roles/openstack-stack/tasks/generate-templates.yml b/roles/openstack-stack/tasks/generate-templates.yml new file mode 100644 index 000000000..0ce9a3eec --- /dev/null +++ b/roles/openstack-stack/tasks/generate-templates.yml @@ -0,0 +1,32 @@ +--- +- name: create HOT stack template prefix + register: stack_template_pre + tempfile: + state: directory + prefix: casl-ansible + +- name: set template paths + set_fact: + stack_template_path: "{{ stack_template_pre.path }}/stack.yaml" + user_data_template_path: "{{ stack_template_pre.path }}/user-data" + +- name: generate HOT stack template from jinja2 template + template: + src: heat_stack.yaml.j2 + dest: "{{ stack_template_path }}" + +- name: generate HOT server template from jinja2 template + template: + src: heat_stack_server.yaml.j2 + dest: "{{ stack_template_pre.path }}/server.yaml" + +- name: generate HOT server w/o floating IPs template from jinja2 template + template: + src: heat_stack_server_nofloating.yaml.j2 + dest: "{{ stack_template_pre.path }}/server_nofloating.yaml" + when: use_bastion|bool + +- name: generate user_data from jinja2 template + template: + src: user_data.j2 + dest: "{{ user_data_template_path }}" diff --git a/roles/openstack-stack/tasks/main.yml b/roles/openstack-stack/tasks/main.yml index 9b4855294..983567026 100644 --- a/roles/openstack-stack/tasks/main.yml +++ b/roles/openstack-stack/tasks/main.yml @@ -1,51 +1,27 @@ --- -- name: create HOT stack template prefix - register: stack_template_pre - tempfile: - state: directory - prefix: casl-ansible -- name: set template paths - set_fact: - stack_template_path: "{{ stack_template_pre.path }}/stack.yaml" - user_data_template_path: "{{ stack_template_pre.path }}/user-data" +- name: Generate the templates + include: generate-templates.yml + when: + - stack_state == 'present' -- name: generate HOT stack template from jinja2 template - template: - src: heat_stack.yaml.j2 - dest: "{{ stack_template_path }}" - -- name: generate HOT server template from jinja2 template - template: - src: heat_stack_server.yaml.j2 - dest: "{{ stack_template_pre.path }}/server.yaml" - -- name: generate HOT server w/o floating IPs template from jinja2 template - template: - src: heat_stack_server_nofloating.yaml.j2 - dest: "{{ stack_template_pre.path }}/server_nofloating.yaml" - when: use_bastion|bool - -- name: generate user_data from jinja2 template - template: - src: user_data.j2 - dest: "{{ user_data_template_path }}" - -- name: create stack +- name: Handle the Stack (create/delete) ignore_errors: False register: stack_create os_stack: name: "{{ stack_name }}" - state: present - template: "{{ stack_template_path }}" + state: "{{ stack_state }}" + template: "{{ stack_template_path | default(omit) }}" wait: yes # NOTE(bogdando) OS::Neutron::Subnet doesn't support live updates for # dns_nameservers, so we can't do that for the "create stack" task. - include: subnet_update_dns_servers.yaml - when: private_dns_server is defined - -- name: cleanup temp files - file: - path: "{{ stack_template_pre.path }}" - state: absent + when: + - private_dns_server is defined + - stack_state == 'present' + +- name: CleanUp + include: cleanup.yml + when: + - stack_state == 'present' -- cgit v1.2.3 From 1c73318927fe1730fa4c52fc684a94d37d12a5fd Mon Sep 17 00:00:00 2001 From: Tomas Sedovic Date: Fri, 6 Oct 2017 09:20:53 +0200 Subject: Replace the CASL references (#778) Following up on the initial port of the OpenStack roles from casl-ansible to openshift-ansible-contrib. One of the points that was brought up in the review was to drop the references to CASL in the code since the code has now wider reach. --- roles/openstack-stack/tasks/generate-templates.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles/openstack-stack/tasks') diff --git a/roles/openstack-stack/tasks/generate-templates.yml b/roles/openstack-stack/tasks/generate-templates.yml index 0ce9a3eec..110da8444 100644 --- a/roles/openstack-stack/tasks/generate-templates.yml +++ b/roles/openstack-stack/tasks/generate-templates.yml @@ -3,7 +3,7 @@ register: stack_template_pre tempfile: state: directory - prefix: casl-ansible + prefix: openshift-ansible - name: set template paths set_fact: -- cgit v1.2.3 From e89bd6b1cb32ad52f0109f80022e801943b51893 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Tue, 17 Oct 2017 10:12:59 +0200 Subject: [WIP] Merge server with nofloating server heat templates (#761) Merge server with nofloating server heat templates --- roles/openstack-stack/tasks/generate-templates.yml | 6 ------ 1 file changed, 6 deletions(-) (limited to 'roles/openstack-stack/tasks') diff --git a/roles/openstack-stack/tasks/generate-templates.yml b/roles/openstack-stack/tasks/generate-templates.yml index 110da8444..0ff50a095 100644 --- a/roles/openstack-stack/tasks/generate-templates.yml +++ b/roles/openstack-stack/tasks/generate-templates.yml @@ -20,12 +20,6 @@ src: heat_stack_server.yaml.j2 dest: "{{ stack_template_pre.path }}/server.yaml" -- name: generate HOT server w/o floating IPs template from jinja2 template - template: - src: heat_stack_server_nofloating.yaml.j2 - dest: "{{ stack_template_pre.path }}/server_nofloating.yaml" - when: use_bastion|bool - - name: generate user_data from jinja2 template template: src: user_data.j2 -- cgit v1.2.3