Use static IP on provisioning network to access the seed

This saves us some messing around with the dynamic libvirt IP address and writing out the IP address to the Ansible inventory.
2017-03-16 13:56:42 +00:00 · 2017-03-16 13:56:42 +00:00 · 52833cf481
commit 52833cf481
parent 3ca08afd93
10 changed files with 75 additions and 71 deletions
--- a/ansible/group_vars/all/seed
+++ b/ansible/group_vars/all/seed
@ -1,4 +1,11 @@
 ---
+###############################################################################
+# Seed node configuration.
+
+# User with which to access the seed via SSH during bootstrap, in order to
+# setup the Kayobe user account.
+seed_bootstrap_user: "{{ lookup('env', 'USER') }}"
+
 ###############################################################################
 # Seed node LVM configuration.

--- a/ansible/group_vars/all/seed-vm
+++ b/ansible/group_vars/all/seed-vm
@ -52,7 +52,3 @@ seed_vm_data_capacity: 100G

 # Format of the seed VM data volume.
 seed_vm_data_format: qcow2
-
-# User with which to access the seed VM via SSH during bootstrap, in order to
-# setup the Kayobe user account.
-seed_vm_bootstrap_user: "{{ lookup('env', 'USER') }}"
--- a/ansible/group_vars/controllers/ansible-user
+++ b/ansible/group_vars/controllers/ansible-user
@ -1,3 +1,7 @@
 ---
 # User with which to access the controllers via SSH.
 ansible_user: "{{ kayobe_ansible_user }}"
+
+# User with which to access the controllers before the kayobe_ansible_user
+# account has been created.
+bootstrap_user: "{{ controller_bootstrap_user }}"
--- a/ansible/group_vars/seed/ansible-host
+++ b/ansible/group_vars/seed/ansible-host
@ -0,0 +1,3 @@
+---
+# Host/IP with which to access the seed via SSH.
+ansible_host: "{{ provision_oc_net_name | net_ip }}"
--- a/ansible/group_vars/seed/ansible-user
+++ b/ansible/group_vars/seed/ansible-user
@ -1,3 +1,7 @@
 ---
-# User with which to access the seed VM via SSH.
+# User with which to access the seed via SSH.
 ansible_user: "{{ kayobe_ansible_user }}"
+
+# User with which to access the seed before the kayobe_ansible_user account has
+# been created.
+bootstrap_user: "{{ seed_bootstrap_user }}"
--- a/ansible/kayobe-ansible-user.yml
+++ b/ansible/kayobe-ansible-user.yml
@ -2,31 +2,29 @@
 - name: Ensure the Kayobe Ansible user account exists
  hosts: seed:controllers
  vars:
-    ansible_user: "{{ seed_vm_bootstrap_user if inventory_hostname in groups['seed'] else controller_bootstrap_user }}"
+    ansible_user: "{{ bootstrap_user }}"
  tasks:
-    - name: Ensure the Kayobe Ansible group exists
-      group:
-        name: "{{ kayobe_ansible_user }}"
-        state: present
-      become: True
+    - block:
+        - name: Ensure the Kayobe Ansible group exists
+          group:
+            name: "{{ kayobe_ansible_user }}"
+            state: present

-    - name: Ensure the Kayobe Ansible user account exists
-      user:
-        name: "{{ kayobe_ansible_user }}"
-        group: "{{ kayobe_ansible_user }}"
-        comment: "Kayobe Ansible SSH access"
-        state: present
-      become: True
+        - name: Ensure the Kayobe Ansible user account exists
+          user:
+            name: "{{ kayobe_ansible_user }}"
+            group: "{{ kayobe_ansible_user }}"
+            comment: "Kayobe Ansible SSH access"
+            state: present

-    - name: Ensure the Kayobe Ansible user has passwordless sudo
-      copy:
-        content: "{{ kayobe_ansible_user }} ALL=(ALL) NOPASSWD: ALL"
-        dest: "/etc/sudoers.d/kayobe-ansible-user"
-        mode: 0440
-      become: True
+        - name: Ensure the Kayobe Ansible user has passwordless sudo
+          copy:
+            content: "{{ kayobe_ansible_user }} ALL=(ALL) NOPASSWD: ALL"
+            dest: "/etc/sudoers.d/kayobe-ansible-user"
+            mode: 0440

-    - name: Ensure the Kayobe Ansible user has authorized our SSH key
-      authorized_key:
-        user: "{{ kayobe_ansible_user }}"
-        key: "{{ lookup('file', ssh_public_key_path) }}"
+        - name: Ensure the Kayobe Ansible user has authorized our SSH key
+          authorized_key:
+            user: "{{ kayobe_ansible_user }}"
+            key: "{{ lookup('file', ssh_public_key_path) }}"
      become: True
--- a/ansible/seed-vm.yml
+++ b/ansible/seed-vm.yml
@ -4,12 +4,32 @@
  vars:
    seed_host: "{{ groups['seed'][0] }}"
    seed_hostvars: "{{ hostvars[seed_host] }}"
+    seed_user_data_path: "{{ image_cache_path }}/seed-vm-user-data"
  pre_tasks:
+    - name: Verify the seed host exists in the Ansible inventory
+      fail:
+        msg: >
+          There should be exactly one host in the seed group. There are
+          currently {{ groups['seed'] | length }}.
+      when: "{{ groups['seed'] | length != 1 }}"
+
    - name: Ensure the image cache directory exists
      file:
        path: "{{ image_cache_path }}"
        state: directory

+    # The user data script is used to bring up the network interfaces that will
+    # be configured by metadata in the configdrive. It could be used for other
+    # things in future if necessary.
+    - name: Ensure the user data file exists
+      copy:
+        content: |
+          #!/bin/bash
+          {% for interface in seed_hostvars.seed_vm_interfaces | map(attribute='net_name') | map('net_interface', seed_host) %}
+          ifup {{ interface }}
+          {% endfor %}
+        dest: "{{ seed_user_data_path }}"
+
  roles:
    - role: jriguera.configdrive
      # For now assume the VM OS family is the same as the hypervisor's.
@ -30,6 +50,7 @@
           map(attribute='net_name') |
           map('net_configdrive_network_device', seed_host) |
           list }}
+      configdrive_config_user_data_path: "{{ seed_user_data_path }}"

  tasks:
    - name: Set a fact containing the configdrive image path
@ -42,10 +63,13 @@
          | gunzip
          > {{ seed_vm_configdrive_path }}

-    - name: Ensure compressed configdrive is removed
+    - name: Ensure unnecessary files are removed
      file:
-        path: "{{ image_cache_path }}/{{ seed_host | to_uuid }}.gz"
+        path: "{{ item }}"
        state: absent
+      with_items:
+        - "{{ seed_user_data_path }}"
+        - "{{ image_cache_path }}/{{ seed_host | to_uuid }}.gz"

 - name: Ensure that the seed VM is provisioned
  hosts: seed-hypervisor
@ -53,7 +77,7 @@
    seed_host: "{{ groups['seed'][0] }}"
    seed_hostvars: "{{ hostvars[seed_host] }}"
  pre_tasks:
-    - name: Check the size of the configdrive
+    - name: Check the size of the configdrive image
      stat:
        path: "{{ seed_vm_configdrive_path }}"
      register: stat_result
@ -77,44 +101,9 @@
      become: True

  tasks:
-    - name: Check the seed VM's IP address
-      shell: virsh domifaddr {{ seed_vm_name }} | awk 'NR > 2 { print $4 }'
-      register: ifaddr_result
-      changed_when: False
-      become: True
-      until: "{{ ifaddr_result | failed or ifaddr_result.stdout != '' }}"
-      retries: 60
-      delay: 1
-
-    - name: Ensure the inventory contains a group variables directory for the seed
-      local_action:
-        module: file
-        path: "{{ item.path }}"
-        state: directory
-      become: "{{ item.become | bool }}"
-      with_items:
-        - { path: "{{ kayobe_config_path }}/inventory/group_vars/seed", become: False }
-
-    # Generate inventory group variable files for the seed VM. Note that this
-    # host will not be accessible to this instance of Ansible - another process
-    # should be started.
-    - name: Ensure the inventory contains a group variables file for the seed
-      local_action:
-        module: copy
-        content: |
-          ---
-          # Do not edit this file - it is managed by Ansible and changes will be lost.
-          # Ansible inventory file for the Kayobe seed VM.
-          # This host will provide the Bifrost undercloud.
-          ansible_host: "{{ ifaddr_result.stdout_lines[0] | ipaddr('address') }}"
-        dest: "{{ item.path }}"
-      become: "{{ item.become | bool }}"
-      with_items:
-        - { path: "{{ kayobe_config_path }}/inventory/group_vars/seed/ansible-host", become: False }
-
    - name: Wait for SSH access to the seed VM
      local_action:
        module: wait_for
-        host: "{{ ifaddr_result.stdout_lines[0] | ipaddr('address') }}"
+        host: "{{ seed_hostvars.ansible_host }}"
        port: 22
        state: started
--- a/etc/kayobe/seed-vm.yml
+++ b/etc/kayobe/seed-vm.yml
@ -29,10 +29,6 @@
 # Base image for the seed VM root volume.
 #seed_vm_root_image:

-# User with which to access the seed VM via SSH during bootstrap, in order to
-# setup the Kayobe user account.
-#seed_vm_bootstrap_user:
-
 ###############################################################################
 # Dummy variable to allow Ansible to accept this file.
 workaround_ansible_issue_8743: yes
--- a/etc/kayobe/seed.yml
+++ b/etc/kayobe/seed.yml
@ -1,6 +1,11 @@
 ---
+###############################################################################
 # Seed node configuration.

+# User with which to access the seed via SSH during bootstrap, in order to
+# setup the Kayobe user account.
+#seed_bootstrap_user:
+
 ###############################################################################
 # Network interface attachments.

--- a/kayobe/cli/commands.py
+++ b/kayobe/cli/commands.py
@ -149,6 +149,8 @@ class SeedVMProvision(KollaAnsibleMixin, KayobeAnsibleMixin, Command):

    def take_action(self, parsed_args):
        self.app.LOG.debug("Provisioning seed VM")
+        ansible.run_playbook(parsed_args, "ansible/ip-allocation.yml",
+                             limit="seed")
        ansible.run_playbook(parsed_args, "ansible/seed-vm.yml")
        # Now populate the Kolla Ansible inventory.
        ansible.run_playbook(parsed_args, "ansible/kolla-ansible.yml",