From cb3847c3b7610b95e6915e3f6477179084f23adf Mon Sep 17 00:00:00 2001 From: Jean-Philippe Evrard Date: Fri, 19 May 2017 13:12:18 +0000 Subject: [PATCH] Move to a all/ group var folder For readability, because all.yml started to be BIIIIIIIG. Change-Id: I34fb7a9bb1ab0f68a9f5b5f72eea25be998ad942 --- playbooks/inventory/group_vars/all.yml | 511 ------------------ playbooks/inventory/group_vars/all/all.yml | 115 ++++ playbooks/inventory/group_vars/all/aodh.yml | 21 + .../inventory/group_vars/all/ceilometer.yml | 26 + playbooks/inventory/group_vars/all/ceph.yml | 30 + playbooks/inventory/group_vars/all/cinder.yml | 56 ++ playbooks/inventory/group_vars/all/glance.yml | 51 ++ playbooks/inventory/group_vars/all/heat.yml | 34 ++ playbooks/inventory/group_vars/all/infra.yml | 31 ++ playbooks/inventory/group_vars/all/ironic.yml | 29 + .../inventory/group_vars/all/keystone.yml | 59 ++ playbooks/inventory/group_vars/all/magnum.yml | 23 + .../inventory/group_vars/all/neutron.yml | 50 ++ playbooks/inventory/group_vars/all/nova.yml | 60 ++ .../inventory/group_vars/all/octavia.yml | 31 ++ playbooks/inventory/group_vars/all/pip.yml | 33 ++ playbooks/inventory/group_vars/all/sahara.yml | 34 ++ playbooks/inventory/group_vars/all/ssl.yml | 21 + playbooks/inventory/group_vars/all/swift.yml | 29 + scripts/sources-branch-updater.sh | 8 +- scripts/update-revision.sh | 2 +- 21 files changed, 738 insertions(+), 516 deletions(-) delete mode 100644 playbooks/inventory/group_vars/all.yml create mode 100644 playbooks/inventory/group_vars/all/all.yml create mode 100644 playbooks/inventory/group_vars/all/aodh.yml create mode 100644 playbooks/inventory/group_vars/all/ceilometer.yml create mode 100644 playbooks/inventory/group_vars/all/ceph.yml create mode 100644 playbooks/inventory/group_vars/all/cinder.yml create mode 100644 playbooks/inventory/group_vars/all/glance.yml create mode 100644 playbooks/inventory/group_vars/all/heat.yml create mode 100644 playbooks/inventory/group_vars/all/infra.yml create mode 100644 playbooks/inventory/group_vars/all/ironic.yml create mode 100644 playbooks/inventory/group_vars/all/keystone.yml create mode 100644 playbooks/inventory/group_vars/all/magnum.yml create mode 100644 playbooks/inventory/group_vars/all/neutron.yml create mode 100644 playbooks/inventory/group_vars/all/nova.yml create mode 100644 playbooks/inventory/group_vars/all/octavia.yml create mode 100644 playbooks/inventory/group_vars/all/pip.yml create mode 100644 playbooks/inventory/group_vars/all/sahara.yml create mode 100644 playbooks/inventory/group_vars/all/ssl.yml create mode 100644 playbooks/inventory/group_vars/all/swift.yml diff --git a/playbooks/inventory/group_vars/all.yml b/playbooks/inventory/group_vars/all.yml deleted file mode 100644 index 56cdb22114..0000000000 --- a/playbooks/inventory/group_vars/all.yml +++ /dev/null @@ -1,511 +0,0 @@ ---- -# Copyright 2016, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -## OpenStack Source Code Release -openstack_release: master - -## Verbosity Options -debug: False - -## SSH connection wait time -ssh_delay: 5 - -# Set the package install state for distribution packages -# Options are 'present' and 'latest' -package_state: "latest" - -# Set "/var/log" to be a bind mount to the physical host. -default_bind_mount_logs: true - -# Set distro variable -os_distro_version: "{{ ansible_distribution | lower }}-{{ ansible_distribution_version.split('.')[:2] | join('.') }}-{{ ansible_architecture | lower }}" - -# Ensure that the package state matches the global setting -ceph_client_package_state: "{{ package_state }}" -galera_client_package_state: "{{ package_state }}" -pip_install_package_state: "{{ package_state }}" -rsyslog_client_package_state: "{{ package_state }}" - -## OpenStack source options -openstack_repo_url: "http://{{ internal_lb_vip_address }}:{{ repo_server_port }}" -openstack_repo_git_url: "git://{{ internal_lb_vip_address }}" - -# URL for the frozen internal openstack repo. -repo_server_port: 8181 -repo_pkg_cache_enabled: true -repo_pkg_cache_port: 3142 -repo_pkg_cache_url: "http://{{ internal_lb_vip_address }}:{{ repo_pkg_cache_port }}" -repo_release_path: "{{ openstack_repo_url }}/os-releases/{{ openstack_release }}/{{ os_distro_version }}" - -# These are pinned to ensure exactly the same behaviour forever! -# These pins are updated through the sources-branch-updater script -pip_packages: - - pip==9.0.1 - - setuptools==33.1.1 - - wheel==0.29.0 - -pip_links: - - { name: "openstack_release", link: "{{ repo_release_path }}/" } -pip_lock_to_internal_repo: "{{ (pip_links | length) >= 1 }}" - -# The upper constraints to apply to all pip installations -pip_install_upper_constraints: "{{ repo_release_path }}/requirements_absolute_requirements.txt" - -# The URL to retrieve the get-pip.py installation script -pip_upstream_url: "{{ (pip_offline_install | bool) | ternary('https://bootstrap.pypa.io/get-pip.py', repo_release_path ~ '/get-pip.py') }}" - -## kernel modules for specific group hosts -# :param name: name of the kernel module -# :param pattern: pattern to search for in /boot/config-$kernel_version to check how module is configured inside kernel -# :param group: group of hosts where the module will be loaded -openstack_host_specific_kernel_modules: - - { name: "ebtables", pattern: "CONFIG_BRIDGE_NF_EBTABLES", group: "network_hosts" } - -## DNS resolution (resolvconf) options -#Group containing resolvers to configure -resolvconf_resolver_group: unbound - -## Memcached options -memcached_port: 11211 -memcached_servers: "{% for host in groups['memcached'] %}{{ hostvars[host]['ansible_host'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}" - -## Galera -galera_address: "{{ internal_lb_vip_address }}" -galera_root_user: "root" - -## RabbitMQ -rabbitmq_host_group: "rabbitmq_all" -rabbitmq_port: "{{ (rabbitmq_use_ssl | bool) | ternary(5671, 5672) }}" - -rabbitmq_use_ssl: True -rabbitmq_servers: "{% for host in groups[rabbitmq_host_group] %}{{ hostvars[host]['ansible_host'] }}{% if not loop.last %},{% endif %}{% endfor %}" - -## Enable external SSL handling for general OpenStack services -openstack_external_ssl: true - -## OpenStack global Endpoint Protos -openstack_service_publicuri_proto: https -#openstack_service_adminuri_proto: http -#openstack_service_internaluri_proto: http - -## SSL -# These do not need to be configured unless you're creating certificates for -# services running behind Apache (currently, Horizon and Keystone). -ssl_protocol: "ALL -SSLv2 -SSLv3" -# Cipher suite string from https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ -ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS" - -## Region Name -service_region: RegionOne - -## OpenStack Domain -openstack_domain: openstack.local -lxc_container_domain: "{{ openstack_domain }}" - -## DHCP Domain Name -dhcp_domain: openstacklocal - -## LDAP enabled toggle -service_ldap_backend_enabled: "{{ keystone_ldap is defined and keystone_ldap.Default is defined }}" - -## Base venv configuration -venv_tag: "{{ openstack_release }}" -venv_base_download_url: "{{ openstack_repo_url }}/venvs/{{ openstack_release }}/{{ os_distro_version }}" - -## Aodh -aodh_service_region: "{{ service_region }}" -aodh_galera_user: aodh -aodh_galera_database: aodh -aodh_galera_address: "{{ internal_lb_vip_address }}" -aodh_connection_string: "mysql+pymysql://{{ aodh_galera_user }}:{{ aodh_container_db_password }}@{{ aodh_galera_address }}/{{ aodh_galera_database }}?charset=utf8" -aodh_rabbitmq_host_group: "{{ rabbitmq_host_group }}" - - -## Ceilometer -ceilometer_service_user_name: ceilometer -ceilometer_service_tenant_name: service - -# These are here rather than in ceilometer_all because -# both the os_ceilometer and os_swift roles require them -ceilometer_rabbitmq_userid: ceilometer -ceilometer_rabbitmq_vhost: /ceilometer -ceilometer_rabbitmq_port: "{{ rabbitmq_port }}" -ceilometer_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -ceilometer_rabbitmq_servers: "{{ rabbitmq_servers }}" -ceilometer_rabbitmq_host_group: "{{ rabbitmq_host_group }}" - - -## Cinder -cinder_service_region: "{{ service_region }}" -cinder_service_port: 8776 -# If there are Swift hosts in the environment, then enable cinder backups to it -cinder_service_backup_program_enabled: "{{ groups['swift_all'] is defined and groups['swift_all'] | length > 0 }}" -# cinder_backend_rbd_inuse: True if current host has an rbd backend -cinder_backend_rbd_inuse: '{{ (cinder_backends|default("")|to_json).find("cinder.volume.drivers.rbd.RBDDriver") != -1 }}' -# cinder_backends_rbd_inuse: true if at least 1 cinder_backend on any -# cinder_volume host uses Ceph RBD -# http://stackoverflow.com/questions/9486393/jinja2-change-the-value-of-a-variable-inside-a-loop -cinder_backends_rbd_inuse: >- - {% set _var = False -%} - {% for host in groups['cinder_volume'] -%} - {% if hostvars[host]['cinder_backend_rbd_inuse'] | bool -%} - {% set _var = True -%} - {% endif -%} - {% endfor -%} - {{ _var }} -cinder_ceph_client: cinder - -# These are here rather than in cinder_all because -# both the os_ceilometer and os_cinder roles require them - -# RPC -cinder_rabbitmq_userid: cinder -cinder_rabbitmq_vhost: /cinder -cinder_rabbitmq_port: "{{ rabbitmq_port }}" -cinder_rabbitmq_servers: "{{ rabbitmq_servers }}" -cinder_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -cinder_rabbitmq_host_group: "{{ rabbitmq_host_group }}" - -# Telemetry notifications -cinder_rabbitmq_telemetry_userid: "{{ cinder_rabbitmq_userid }}" -cinder_rabbitmq_telemetry_password: "{{ cinder_rabbitmq_password }}" -cinder_rabbitmq_telemetry_vhost: "{{ cinder_rabbitmq_vhost }}" -cinder_rabbitmq_telemetry_port: "{{ cinder_rabbitmq_port }}" -cinder_rabbitmq_telemetry_servers: "{{ cinder_rabbitmq_servers }}" -cinder_rabbitmq_telemetry_use_ssl: "{{ cinder_rabbitmq_use_ssl }}" -cinder_rabbitmq_telemetry_host_group: "{{ cinder_rabbitmq_host_group }}" - -# If there are any Ceilometer hosts in the environment, then enable its usage -cinder_ceilometer_enabled: "{{ (groups['cinder_all'] is defined) and (groups['cinder_all'] | length > 0) and (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" - -## Glance -glance_service_port: 9292 -glance_service_proto: http -glance_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(glance_service_proto) }}" -glance_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(glance_service_proto) }}" -glance_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(glance_service_proto) }}" -glance_service_publicuri: "{{ glance_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ glance_service_port }}" -glance_service_publicurl: "{{ glance_service_publicuri }}" -glance_service_internaluri: "{{ glance_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ glance_service_port }}" -glance_service_internalurl: "{{ glance_service_internaluri }}" -glance_service_adminuri: "{{ glance_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ glance_service_port }}" -glance_service_adminurl: "{{ glance_service_adminuri }}" -glance_api_servers: "{{ glance_service_internaluri }}" -glance_service_user_name: glance - -# These are here rather than in glance_all because -# both the os_ceilometer and os_glance roles require them - -## Gnocchi -# Used in both Gnocchi and Swift roles. -gnocchi_service_project_name: "{{ (gnocchi_storage_driver is defined and gnocchi_storage_driver == 'swift') | ternary('gnocchi_swift', 'service') }}" - -# RPC -glance_rabbitmq_userid: glance -glance_rabbitmq_vhost: /glance -glance_rabbitmq_port: "{{ rabbitmq_port }}" -glance_rabbitmq_servers: "{{ rabbitmq_servers }}" -glance_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -glance_rabbitmq_host_group: "{{ rabbitmq_host_group }}" - -# Telemetry notifications -glance_rabbitmq_telemetry_userid: "{{ glance_rabbitmq_userid }}" -glance_rabbitmq_telemetry_password: "{{ glance_rabbitmq_password }}" -glance_rabbitmq_telemetry_vhost: "{{ glance_rabbitmq_vhost }}" -glance_rabbitmq_telemetry_port: "{{ glance_rabbitmq_port }}" -glance_rabbitmq_telemetry_servers: "{{ glance_rabbitmq_servers }}" -glance_rabbitmq_telemetry_use_ssl: "{{ glance_rabbitmq_use_ssl }}" -glance_rabbitmq_telemetry_host_group: "{{ glance_rabbitmq_host_group }}" - -# If there are any Ceilometer hosts in the environment, then enable its usage -glance_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" - -## Heat - -# These are here rather than in heat_all because -# both the os_ceilometer and os_heat roles require them - -# RPC -heat_rabbitmq_userid: heat -heat_rabbitmq_vhost: /heat -heat_rabbitmq_port: "{{ rabbitmq_port }}" -heat_rabbitmq_servers: "{{ rabbitmq_servers }}" -heat_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -heat_rabbitmq_host_group: "{{ rabbitmq_host_group }}" - -# Telemetry notifications -heat_rabbitmq_telemetry_userid: "{{ heat_rabbitmq_userid }}" -heat_rabbitmq_telemetry_password: "{{ heat_rabbitmq_password }}" -heat_rabbitmq_telemetry_vhost: "{{ heat_rabbitmq_vhost }}" -heat_rabbitmq_telemetry_port: "{{ heat_rabbitmq_port }}" -heat_rabbitmq_telemetry_servers: "{{ heat_rabbitmq_servers }}" -heat_rabbitmq_telemetry_use_ssl: "{{ heat_rabbitmq_use_ssl }}" -heat_rabbitmq_telemetry_host_group: "{{ heat_rabbitmq_host_group }}" - -# If there are any Ceilometer hosts in the environment, then enable its usage -heat_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" - -## Ironic -ironic_keystone_auth_plugin: password -ironic_rabbitmq_userid: ironic -ironic_rabbitmq_vhost: /ironic -ironic_rabbitmq_port: "{{ rabbitmq_port }}" -ironic_rabbitmq_servers: "{{ rabbitmq_servers }}" -ironic_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -ironic_rabbitmq_host_group: "{{ rabbitmq_host_group }}" -ironic_service_name: ironic -ironic_service_user_name: ironic -ironic_service_proto: http -ironic_service_port: 6385 -ironic_service_project_name: service -ironic_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(ironic_service_proto) }}" -ironic_service_adminurl: "{{ ironic_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ ironic_service_port }}" - -## Keystone -keystone_admin_user_name: admin -keystone_admin_tenant_name: admin -keystone_admin_port: 35357 -keystone_service_port: 5000 -keystone_service_proto: http -keystone_service_region: "{{ service_region }}" - -# These are here rather than in keystone_all because -# both the os_ceilometer and os_keystone roles require them - -# RPC -keystone_rabbitmq_userid: keystone -keystone_rabbitmq_vhost: /keystone -keystone_rabbitmq_port: "{{ rabbitmq_port }}" -keystone_rabbitmq_servers: "{{ rabbitmq_servers }}" -keystone_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -keystone_rabbitmq_host_group: "{{ rabbitmq_host_group }}" - -# Telemetry notifications -keystone_rabbitmq_telemetry_userid: "{{ keystone_rabbitmq_userid }}" -keystone_rabbitmq_telemetry_password: "{{ keystone_rabbitmq_password }}" -keystone_rabbitmq_telemetry_vhost: "{{ keystone_rabbitmq_vhost }}" -keystone_rabbitmq_telemetry_port: "{{ keystone_rabbitmq_port }}" -keystone_rabbitmq_telemetry_servers: "{{ keystone_rabbitmq_servers }}" -keystone_rabbitmq_telemetry_use_ssl: "{{ keystone_rabbitmq_use_ssl }}" -keystone_rabbitmq_telemetry_host_group: "{{ keystone_rabbitmq_host_group }}" - -# If there are any Ceilometer hosts in the environment, then enable its usage -keystone_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" - -keystone_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(keystone_service_proto) }}" -keystone_service_adminuri_insecure: "{% if keystone_service_adminuri_proto == 'https' and (keystone_user_ssl_cert is not defined or haproxy_user_ssl_cert is not defined) | bool %}true{% else %}false{% endif %}" -keystone_service_adminuri: "{{ keystone_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ keystone_admin_port }}" -keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" - -keystone_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(keystone_service_proto) }}" -keystone_service_internaluri_insecure: "{% if keystone_service_internaluri_proto == 'https' and (keystone_user_ssl_cert is not defined or haproxy_user_ssl_cert is not defined) | bool %}true{% else %}false{% endif %}" -keystone_service_internaluri: "{{ keystone_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ keystone_service_port }}" -keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" - -keystone_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(keystone_service_proto) }}" -keystone_service_publicuri_insecure: "{% if keystone_service_publicuri_proto == 'https' and (keystone_user_ssl_cert is not defined or haproxy_user_ssl_cert is not defined) | bool %}true{% else %}false{% endif %}" -keystone_service_publicuri: "{{ keystone_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ keystone_service_port }}" -keystone_service_publicurl: "{{ keystone_service_publicuri }}/v3" - -## Neutron -neutron_service_port: 9696 -neutron_service_proto: http -neutron_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(neutron_service_proto) }}" -neutron_service_adminuri: "{{ neutron_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ neutron_service_port }}" -neutron_service_adminurl: "{{ neutron_service_adminuri }}" -neutron_service_user_name: neutron -neutron_service_project_name: service -neutron_service_region: "{{ service_region }}" - -# These are here rather than in neutron_all because -# both the os_ceilometer and os_neutron roles require them - -# RPC -neutron_rabbitmq_userid: neutron -neutron_rabbitmq_vhost: /neutron -neutron_rabbitmq_port: "{{ rabbitmq_port }}" -neutron_rabbitmq_servers: "{{ rabbitmq_servers }}" -neutron_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -neutron_rabbitmq_host_group: "{{ rabbitmq_host_group }}" - -# Telemetry notifications -neutron_rabbitmq_telemetry_userid: "{{ neutron_rabbitmq_userid }}" -neutron_rabbitmq_telemetry_password: "{{ neutron_rabbitmq_password }}" -neutron_rabbitmq_telemetry_vhost: "{{ neutron_rabbitmq_vhost }}" -neutron_rabbitmq_telemetry_port: "{{ neutron_rabbitmq_port }}" -neutron_rabbitmq_telemetry_servers: "{{ neutron_rabbitmq_servers }}" -neutron_rabbitmq_telemetry_use_ssl: "{{ neutron_rabbitmq_use_ssl }}" -neutron_rabbitmq_telemetry_host_group: "{{ neutron_rabbitmq_host_group }}" - -# If there are any Designate hosts in the environment, then enable its usage -neutron_designate_enabled: "{{ (groups['designate_all'] is defined) and (groups['designate_all'] | length > 0) }}" -# If there are any Ceilometer hosts in the environment, then enable its usage -neutron_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" - -neutron_plugin_type: ml2.lxb - -## Nova -nova_service_port: 8774 -nova_metadata_port: 8775 -nova_service_proto: http -nova_metadata_protocol: "{{ openstack_service_internaluri_proto | default(nova_service_proto) }}" -nova_metadata_insecure: False -nova_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(nova_service_proto) }}" -nova_service_adminuri: "{{ nova_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ nova_service_port }}" -nova_service_adminurl: "{{ nova_service_adminuri }}/v2.1" -nova_service_region: "{{ service_region }}" -nova_service_user_name: nova -nova_service_project_name: service -nova_service_project_domain_id: default -nova_service_user_domain_id: default -nova_keystone_auth_plugin: password -nova_console_type: spice -nova_novncproxy_port: 6080 -nova_spice_html5proxy_base_port: 6082 -nova_console_port: "{% if nova_console_type == 'spice' %}{{ nova_spice_html5proxy_base_port }}{% else %}{{ nova_novncproxy_port }}{% endif %}" - -# These are here rather than in nova_all because -# both the os_ceilometer and os_nova roles require them - -# RPC -nova_rabbitmq_userid: nova -nova_rabbitmq_vhost: /nova -nova_rabbitmq_port: "{{ rabbitmq_port }}" -nova_rabbitmq_servers: "{{ rabbitmq_servers }}" -nova_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -nova_rabbitmq_host_group: "{{ rabbitmq_host_group }}" - -# Telemetry notifications -nova_rabbitmq_telemetry_userid: "{{ nova_rabbitmq_userid }}" -nova_rabbitmq_telemetry_password: "{{ nova_rabbitmq_password }}" -nova_rabbitmq_telemetry_vhost: "{{ nova_rabbitmq_vhost }}" -nova_rabbitmq_telemetry_port: "{{ nova_rabbitmq_port }}" -nova_rabbitmq_telemetry_servers: "{{ nova_rabbitmq_servers }}" -nova_rabbitmq_telemetry_use_ssl: "{{ nova_rabbitmq_use_ssl }}" -nova_rabbitmq_telemetry_host_group: "{{ nova_rabbitmq_host_group }}" - -# If there are any Designate hosts in the environment, then enable its usage -nova_designate_enabled: "{{ (groups['designate_all'] is defined) and (groups['designate_all'] | length > 0) }}" -# If there are any Ceilometer hosts in the environment, then enable its usage -nova_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" -# If there are any Barbican hosts in the environment, then enable its usage -nova_barbican_enabled: "{{ (groups['barbican_all'] is defined) and (groups['barbican_all'] | length > 0) }}" - -## Octavia -octavia_service_port: 9876 -octavia_service_proto: http -octavia_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(octavia_service_proto) }}" -octavia_service_internaluri: "{{ octavia_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ octavia_service_port }}" -octavia_service_internalurl: "{{ octavia_service_internaluri }}/v1/%(tenant_id)s" - -octavia_service_user_name: octavia -octavia_service_url: "{{ octavia_service_internaluri }}" - -# RPC -octavia_rabbitmq_userid: octavia -octavia_rabbitmq_vhost: /octavia -octavia_rabbitmq_port: "{{ rabbitmq_port }}" -octavia_rabbitmq_servers: "{{ rabbitmq_servers }}" -octavia_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -octavia_rabbitmq_host_group: "{{ rabbitmq_host_group }}" - - -## Sahara -#RPC -sahara_rabbitmq_userid: sahara -sahara_rabbitmq_vhost: /sahara -sahara_rabbitmq_port: "{{ rabbitmq_port }}" -sahara_rabbitmq_servers: "{{ rabbitmq_servers }}" -sahara_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -sahara_rabbitmq_host_group: "{{ rabbitmq_host_group }}" - -# Telemetry notifications -sahara_rabbitmq_telemetry_userid: "{{ sahara_rabbitmq_userid }}" -sahara_rabbitmq_telemetry_password: "{{ sahara_rabbitmq_password }}" -sahara_rabbitmq_telemetry_vhost: "{{ sahara_rabbitmq_vhost }}" -sahara_rabbitmq_telemetry_port: "{{ sahara_rabbitmq_port }}" -sahara_rabbitmq_telemetry_servers: "{{ sahara_rabbitmq_servers }}" -sahara_rabbitmq_telemetry_use_ssl: "{{ sahara_rabbitmq_use_ssl }}" -sahara_rabbitmq_telemetry_host_group: "{{ sahara_rabbitmq_host_group }}" - -# If there are any Ceilometer and Sahara hosts in the environment, then enable its usage -sahara_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['sahara_all'] is defined) and (groups['ceilometer_all'] | length > 0) and (groups['sahara_all'] | length > 0) }}" - -## Swift -swift_proxy_port: 8080 -swift_system_user_name: swift -swift_system_shell: /bin/bash -swift_system_comment: swift system user -swift_system_home_folder: "/var/lib/{{ swift_system_user_name }}" - -# Swift Telemetry notifications -swift_rabbitmq_telemetry_userid: "swift" -swift_rabbitmq_telemetry_vhost: "/swift" -swift_rabbitmq_telemetry_servers: "{{ rabbitmq_servers }}" -swift_rabbitmq_telemetry_host_group: "{{ rabbitmq_host_group }}" - -# If there are any Ceilometer and Swift hosts in the environment, then enable its usage -swift_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['swift_proxy'] is defined) and (groups['ceilometer_all'] | length > 0) and (groups['swift_proxy'] | length > 0) }}" - -## OpenStack Openrc -openrc_os_auth_url: "{{ keystone_service_internalurl }}" -openrc_os_password: "{{ keystone_auth_admin_password }}" -openrc_os_domain_name: "Default" -openrc_region_name: "{{ service_region }}" - -## Host security hardening -# The openstack-ansible-security role provides security hardening for hosts -# by applying security configurations from the STIG. Hardening is enabled by -# default, but an option to opt out is available by setting the following -# variable to 'false'. -# Docs: http://docs.openstack.org/developer/openstack-ansible-security/ -apply_security_hardening: true - -## Ansible ssh configuration -ansible_ssh_extra_args: > - -o UserKnownHostsFile=/dev/null - -o StrictHostKeyChecking=no - -o ServerAliveInterval=64 - -o ServerAliveCountMax=1024 - -o Compression=no - -o TCPKeepAlive=yes - -o VerifyHostKeyDNS=no - -o ForwardX11=no - -o ForwardAgent=yes - -T - -## ceph-ansible configuration -mon_group_name: ceph-mon -osd_group_name: ceph-osd -ceph_stable: true -# The _stable_release var is used by both the OSA ceph_client role and the -# ceph-ansible roles. It is defaulted in ceph_client but set here to keep the -# OSA/ceph-ansible integrations in sync. -ceph_stable_release: jewel -fetch_directory: /etc/openstack_deploy/ceph-fetch/ -# tries to create /var/log/ceph as a directory and fails if the log link already -# exists. we handle the log dir creation so this is not something we need -# ceph-common to prepare for us. -rbd_client_directories: false - -# Magnum -magnum_bind_port: 9511 -magnum_service_proto: http -magnum_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(magnum_service_proto) }}" -magnum_service_publicurl: "{{ magnum_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ magnum_bind_port }}" -magnum_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(magnum_service_proto) }}" -magnum_service_internalurl: "{{ magnum_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ magnum_bind_port }}" -magnum_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(magnum_service_proto) }}" -magnum_service_adminurl: "{{ magnum_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ magnum_bind_port }}" diff --git a/playbooks/inventory/group_vars/all/all.yml b/playbooks/inventory/group_vars/all/all.yml new file mode 100644 index 0000000000..5f8ddf7611 --- /dev/null +++ b/playbooks/inventory/group_vars/all/all.yml @@ -0,0 +1,115 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +## OpenStack Source Code Release +openstack_release: master + +## Verbosity Options +debug: False + +## SSH connection wait time +ssh_delay: 5 + +# Set the package install state for distribution packages +# Options are 'present' and 'latest' +package_state: "latest" + +# Set "/var/log" to be a bind mount to the physical host. +default_bind_mount_logs: true + +# Set distro variable +os_distro_version: "{{ ansible_distribution | lower }}-{{ ansible_distribution_version.split('.')[:2] | join('.') }}-{{ ansible_architecture | lower }}" + +# Ensure that the package state matches the global setting +rsyslog_client_package_state: "{{ package_state }}" + +## OpenStack source options +openstack_repo_url: "http://{{ internal_lb_vip_address }}:{{ repo_server_port }}" +openstack_repo_git_url: "git://{{ internal_lb_vip_address }}" + +# URL for the frozen internal openstack repo. +repo_server_port: 8181 +repo_pkg_cache_enabled: true +repo_pkg_cache_port: 3142 +repo_pkg_cache_url: "http://{{ internal_lb_vip_address }}:{{ repo_pkg_cache_port }}" +repo_release_path: "{{ openstack_repo_url }}/os-releases/{{ openstack_release }}/{{ os_distro_version }}" + +## kernel modules for specific group hosts +# :param name: name of the kernel module +# :param pattern: pattern to search for in /boot/config-$kernel_version to check how module is configured inside kernel +# :param group: group of hosts where the module will be loaded +openstack_host_specific_kernel_modules: + - { name: "ebtables", pattern: "CONFIG_BRIDGE_NF_EBTABLES", group: "network_hosts" } + +## DNS resolution (resolvconf) options +#Group containing resolvers to configure +resolvconf_resolver_group: unbound + +## Enable external SSL handling for general OpenStack services +openstack_external_ssl: true + +## OpenStack global Endpoint Protos +openstack_service_publicuri_proto: https +#openstack_service_adminuri_proto: http +#openstack_service_internaluri_proto: http + +## Region Name +service_region: RegionOne + +## OpenStack Domain +openstack_domain: openstack.local +lxc_container_domain: "{{ openstack_domain }}" + +## DHCP Domain Name +dhcp_domain: openstacklocal + +## LDAP enabled toggle +service_ldap_backend_enabled: "{{ keystone_ldap is defined and keystone_ldap.Default is defined }}" + +## Base venv configuration +venv_tag: "{{ openstack_release }}" +venv_base_download_url: "{{ openstack_repo_url }}/venvs/{{ openstack_release }}/{{ os_distro_version }}" + + +## Gnocchi +# Used in both Gnocchi and Swift roles. +gnocchi_service_project_name: "{{ (gnocchi_storage_driver is defined and gnocchi_storage_driver == 'swift') | ternary('gnocchi_swift', 'service') }}" + +## OpenStack Openrc +openrc_os_auth_url: "{{ keystone_service_internalurl }}" +openrc_os_password: "{{ keystone_auth_admin_password }}" +openrc_os_domain_name: "Default" +openrc_region_name: "{{ service_region }}" + +## Host security hardening +# The openstack-ansible-security role provides security hardening for hosts +# by applying security configurations from the STIG. Hardening is enabled by +# default, but an option to opt out is available by setting the following +# variable to 'false'. +# Docs: http://docs.openstack.org/developer/openstack-ansible-security/ +apply_security_hardening: true + +## Ansible ssh configuration +ansible_ssh_extra_args: > + -o UserKnownHostsFile=/dev/null + -o StrictHostKeyChecking=no + -o ServerAliveInterval=64 + -o ServerAliveCountMax=1024 + -o Compression=no + -o TCPKeepAlive=yes + -o VerifyHostKeyDNS=no + -o ForwardX11=no + -o ForwardAgent=yes + -T diff --git a/playbooks/inventory/group_vars/all/aodh.yml b/playbooks/inventory/group_vars/all/aodh.yml new file mode 100644 index 0000000000..b7363263ec --- /dev/null +++ b/playbooks/inventory/group_vars/all/aodh.yml @@ -0,0 +1,21 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +aodh_service_region: "{{ service_region }}" +aodh_galera_user: aodh +aodh_galera_database: aodh +aodh_galera_address: "{{ internal_lb_vip_address }}" +aodh_connection_string: "mysql+pymysql://{{ aodh_galera_user }}:{{ aodh_container_db_password }}@{{ aodh_galera_address }}/{{ aodh_galera_database }}?charset=utf8" +aodh_rabbitmq_host_group: "{{ rabbitmq_host_group }}" diff --git a/playbooks/inventory/group_vars/all/ceilometer.yml b/playbooks/inventory/group_vars/all/ceilometer.yml new file mode 100644 index 0000000000..c40338740e --- /dev/null +++ b/playbooks/inventory/group_vars/all/ceilometer.yml @@ -0,0 +1,26 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ceilometer_service_user_name: ceilometer +ceilometer_service_tenant_name: service + +# These are here rather than in ceilometer_all because +# both the os_ceilometer and os_swift roles require them +ceilometer_rabbitmq_userid: ceilometer +ceilometer_rabbitmq_vhost: /ceilometer +ceilometer_rabbitmq_port: "{{ rabbitmq_port }}" +ceilometer_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +ceilometer_rabbitmq_servers: "{{ rabbitmq_servers }}" +ceilometer_rabbitmq_host_group: "{{ rabbitmq_host_group }}" diff --git a/playbooks/inventory/group_vars/all/ceph.yml b/playbooks/inventory/group_vars/all/ceph.yml new file mode 100644 index 0000000000..aa5e3ae6cc --- /dev/null +++ b/playbooks/inventory/group_vars/all/ceph.yml @@ -0,0 +1,30 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ceph_client_package_state: "{{ package_state }}" + +## ceph-ansible configuration +mon_group_name: ceph-mon +osd_group_name: ceph-osd +ceph_stable: true +# The _stable_release var is used by both the OSA ceph_client role and the +# ceph-ansible roles. It is defaulted in ceph_client but set here to keep the +# OSA/ceph-ansible integrations in sync. +ceph_stable_release: jewel +fetch_directory: /etc/openstack_deploy/ceph-fetch/ +# tries to create /var/log/ceph as a directory and fails if the log link already +# exists. we handle the log dir creation so this is not something we need +# ceph-common to prepare for us. +rbd_client_directories: false diff --git a/playbooks/inventory/group_vars/all/cinder.yml b/playbooks/inventory/group_vars/all/cinder.yml new file mode 100644 index 0000000000..313627283e --- /dev/null +++ b/playbooks/inventory/group_vars/all/cinder.yml @@ -0,0 +1,56 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +cinder_service_region: "{{ service_region }}" +cinder_service_port: 8776 +# If there are Swift hosts in the environment, then enable cinder backups to it +cinder_service_backup_program_enabled: "{{ groups['swift_all'] is defined and groups['swift_all'] | length > 0 }}" +# cinder_backend_rbd_inuse: True if current host has an rbd backend +cinder_backend_rbd_inuse: '{{ (cinder_backends|default("")|to_json).find("cinder.volume.drivers.rbd.RBDDriver") != -1 }}' +# cinder_backends_rbd_inuse: true if at least 1 cinder_backend on any +# cinder_volume host uses Ceph RBD +# http://stackoverflow.com/questions/9486393/jinja2-change-the-value-of-a-variable-inside-a-loop +cinder_backends_rbd_inuse: >- + {% set _var = False -%} + {% for host in groups['cinder_volume'] -%} + {% if hostvars[host]['cinder_backend_rbd_inuse'] | bool -%} + {% set _var = True -%} + {% endif -%} + {% endfor -%} + {{ _var }} +cinder_ceph_client: cinder + +# These are here rather than in cinder_all because +# both the os_ceilometer and os_cinder roles require them + +# RPC +cinder_rabbitmq_userid: cinder +cinder_rabbitmq_vhost: /cinder +cinder_rabbitmq_port: "{{ rabbitmq_port }}" +cinder_rabbitmq_servers: "{{ rabbitmq_servers }}" +cinder_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +cinder_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +cinder_rabbitmq_telemetry_userid: "{{ cinder_rabbitmq_userid }}" +cinder_rabbitmq_telemetry_password: "{{ cinder_rabbitmq_password }}" +cinder_rabbitmq_telemetry_vhost: "{{ cinder_rabbitmq_vhost }}" +cinder_rabbitmq_telemetry_port: "{{ cinder_rabbitmq_port }}" +cinder_rabbitmq_telemetry_servers: "{{ cinder_rabbitmq_servers }}" +cinder_rabbitmq_telemetry_use_ssl: "{{ cinder_rabbitmq_use_ssl }}" +cinder_rabbitmq_telemetry_host_group: "{{ cinder_rabbitmq_host_group }}" + +# If there are any Ceilometer hosts in the environment, then enable its usage +cinder_ceilometer_enabled: "{{ (groups['cinder_all'] is defined) and (groups['cinder_all'] | length > 0) and (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" diff --git a/playbooks/inventory/group_vars/all/glance.yml b/playbooks/inventory/group_vars/all/glance.yml new file mode 100644 index 0000000000..521aaf4053 --- /dev/null +++ b/playbooks/inventory/group_vars/all/glance.yml @@ -0,0 +1,51 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +glance_service_port: 9292 +glance_service_proto: http +glance_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(glance_service_proto) }}" +glance_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(glance_service_proto) }}" +glance_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(glance_service_proto) }}" +glance_service_publicuri: "{{ glance_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ glance_service_port }}" +glance_service_publicurl: "{{ glance_service_publicuri }}" +glance_service_internaluri: "{{ glance_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ glance_service_port }}" +glance_service_internalurl: "{{ glance_service_internaluri }}" +glance_service_adminuri: "{{ glance_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ glance_service_port }}" +glance_service_adminurl: "{{ glance_service_adminuri }}" +glance_api_servers: "{{ glance_service_internaluri }}" +glance_service_user_name: glance + +# These are here rather than in glance_all because +# both the os_ceilometer and os_glance roles require them + +# RPC +glance_rabbitmq_userid: glance +glance_rabbitmq_vhost: /glance +glance_rabbitmq_port: "{{ rabbitmq_port }}" +glance_rabbitmq_servers: "{{ rabbitmq_servers }}" +glance_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +glance_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +glance_rabbitmq_telemetry_userid: "{{ glance_rabbitmq_userid }}" +glance_rabbitmq_telemetry_password: "{{ glance_rabbitmq_password }}" +glance_rabbitmq_telemetry_vhost: "{{ glance_rabbitmq_vhost }}" +glance_rabbitmq_telemetry_port: "{{ glance_rabbitmq_port }}" +glance_rabbitmq_telemetry_servers: "{{ glance_rabbitmq_servers }}" +glance_rabbitmq_telemetry_use_ssl: "{{ glance_rabbitmq_use_ssl }}" +glance_rabbitmq_telemetry_host_group: "{{ glance_rabbitmq_host_group }}" + +# If there are any Ceilometer hosts in the environment, then enable its usage +glance_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" diff --git a/playbooks/inventory/group_vars/all/heat.yml b/playbooks/inventory/group_vars/all/heat.yml new file mode 100644 index 0000000000..3642b7e285 --- /dev/null +++ b/playbooks/inventory/group_vars/all/heat.yml @@ -0,0 +1,34 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# RPC +heat_rabbitmq_userid: heat +heat_rabbitmq_vhost: /heat +heat_rabbitmq_port: "{{ rabbitmq_port }}" +heat_rabbitmq_servers: "{{ rabbitmq_servers }}" +heat_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +heat_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +heat_rabbitmq_telemetry_userid: "{{ heat_rabbitmq_userid }}" +heat_rabbitmq_telemetry_password: "{{ heat_rabbitmq_password }}" +heat_rabbitmq_telemetry_vhost: "{{ heat_rabbitmq_vhost }}" +heat_rabbitmq_telemetry_port: "{{ heat_rabbitmq_port }}" +heat_rabbitmq_telemetry_servers: "{{ heat_rabbitmq_servers }}" +heat_rabbitmq_telemetry_use_ssl: "{{ heat_rabbitmq_use_ssl }}" +heat_rabbitmq_telemetry_host_group: "{{ heat_rabbitmq_host_group }}" + +# If there are any Ceilometer hosts in the environment, then enable its usage +heat_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" diff --git a/playbooks/inventory/group_vars/all/infra.yml b/playbooks/inventory/group_vars/all/infra.yml new file mode 100644 index 0000000000..708d9a801c --- /dev/null +++ b/playbooks/inventory/group_vars/all/infra.yml @@ -0,0 +1,31 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +## Rabbit options +rabbitmq_host_group: "rabbitmq_all" +rabbitmq_port: "{{ (rabbitmq_use_ssl | bool) | ternary(5671, 5672) }}" + +rabbitmq_use_ssl: True +rabbitmq_servers: "{% for host in groups[rabbitmq_host_group] %}{{ hostvars[host]['ansible_host'] }}{% if not loop.last %},{% endif %}{% endfor %}" + +## Galera options +galera_client_package_state: "{{ package_state }}" +galera_address: "{{ internal_lb_vip_address }}" +galera_root_user: "root" + +## Memcached options +memcached_port: 11211 +memcached_servers: "{% for host in groups['memcached'] %}{{ hostvars[host]['ansible_host'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}" + diff --git a/playbooks/inventory/group_vars/all/ironic.yml b/playbooks/inventory/group_vars/all/ironic.yml new file mode 100644 index 0000000000..7fa55721b3 --- /dev/null +++ b/playbooks/inventory/group_vars/all/ironic.yml @@ -0,0 +1,29 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ironic_keystone_auth_plugin: password +ironic_rabbitmq_userid: ironic +ironic_rabbitmq_vhost: /ironic +ironic_rabbitmq_port: "{{ rabbitmq_port }}" +ironic_rabbitmq_servers: "{{ rabbitmq_servers }}" +ironic_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +ironic_rabbitmq_host_group: "{{ rabbitmq_host_group }}" +ironic_service_name: ironic +ironic_service_user_name: ironic +ironic_service_proto: http +ironic_service_port: 6385 +ironic_service_project_name: service +ironic_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(ironic_service_proto) }}" +ironic_service_adminurl: "{{ ironic_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ ironic_service_port }}" diff --git a/playbooks/inventory/group_vars/all/keystone.yml b/playbooks/inventory/group_vars/all/keystone.yml new file mode 100644 index 0000000000..9867514c43 --- /dev/null +++ b/playbooks/inventory/group_vars/all/keystone.yml @@ -0,0 +1,59 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +keystone_admin_user_name: admin +keystone_admin_tenant_name: admin +keystone_admin_port: 35357 +keystone_service_port: 5000 +keystone_service_proto: http +keystone_service_region: "{{ service_region }}" + +# These are here rather than in keystone_all because +# both the os_ceilometer and os_keystone roles require them + +# RPC +keystone_rabbitmq_userid: keystone +keystone_rabbitmq_vhost: /keystone +keystone_rabbitmq_port: "{{ rabbitmq_port }}" +keystone_rabbitmq_servers: "{{ rabbitmq_servers }}" +keystone_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +keystone_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +keystone_rabbitmq_telemetry_userid: "{{ keystone_rabbitmq_userid }}" +keystone_rabbitmq_telemetry_password: "{{ keystone_rabbitmq_password }}" +keystone_rabbitmq_telemetry_vhost: "{{ keystone_rabbitmq_vhost }}" +keystone_rabbitmq_telemetry_port: "{{ keystone_rabbitmq_port }}" +keystone_rabbitmq_telemetry_servers: "{{ keystone_rabbitmq_servers }}" +keystone_rabbitmq_telemetry_use_ssl: "{{ keystone_rabbitmq_use_ssl }}" +keystone_rabbitmq_telemetry_host_group: "{{ keystone_rabbitmq_host_group }}" + +# If there are any Ceilometer hosts in the environment, then enable its usage +keystone_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" + +keystone_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(keystone_service_proto) }}" +keystone_service_adminuri_insecure: "{% if keystone_service_adminuri_proto == 'https' and (keystone_user_ssl_cert is not defined or haproxy_user_ssl_cert is not defined) | bool %}true{% else %}false{% endif %}" +keystone_service_adminuri: "{{ keystone_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ keystone_admin_port }}" +keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" + +keystone_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(keystone_service_proto) }}" +keystone_service_internaluri_insecure: "{% if keystone_service_internaluri_proto == 'https' and (keystone_user_ssl_cert is not defined or haproxy_user_ssl_cert is not defined) | bool %}true{% else %}false{% endif %}" +keystone_service_internaluri: "{{ keystone_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ keystone_service_port }}" +keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" + +keystone_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(keystone_service_proto) }}" +keystone_service_publicuri_insecure: "{% if keystone_service_publicuri_proto == 'https' and (keystone_user_ssl_cert is not defined or haproxy_user_ssl_cert is not defined) | bool %}true{% else %}false{% endif %}" +keystone_service_publicuri: "{{ keystone_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ keystone_service_port }}" +keystone_service_publicurl: "{{ keystone_service_publicuri }}/v3" diff --git a/playbooks/inventory/group_vars/all/magnum.yml b/playbooks/inventory/group_vars/all/magnum.yml new file mode 100644 index 0000000000..3c49645937 --- /dev/null +++ b/playbooks/inventory/group_vars/all/magnum.yml @@ -0,0 +1,23 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +magnum_bind_port: 9511 +magnum_service_proto: http +magnum_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(magnum_service_proto) }}" +magnum_service_publicurl: "{{ magnum_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ magnum_bind_port }}" +magnum_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(magnum_service_proto) }}" +magnum_service_internalurl: "{{ magnum_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ magnum_bind_port }}" +magnum_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(magnum_service_proto) }}" +magnum_service_adminurl: "{{ magnum_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ magnum_bind_port }}" diff --git a/playbooks/inventory/group_vars/all/neutron.yml b/playbooks/inventory/group_vars/all/neutron.yml new file mode 100644 index 0000000000..f75598cdb6 --- /dev/null +++ b/playbooks/inventory/group_vars/all/neutron.yml @@ -0,0 +1,50 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +neutron_service_port: 9696 +neutron_service_proto: http +neutron_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(neutron_service_proto) }}" +neutron_service_adminuri: "{{ neutron_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ neutron_service_port }}" +neutron_service_adminurl: "{{ neutron_service_adminuri }}" +neutron_service_user_name: neutron +neutron_service_project_name: service +neutron_service_region: "{{ service_region }}" + +# These are here rather than in neutron_all because +# both the os_ceilometer and os_neutron roles require them + +# RPC +neutron_rabbitmq_userid: neutron +neutron_rabbitmq_vhost: /neutron +neutron_rabbitmq_port: "{{ rabbitmq_port }}" +neutron_rabbitmq_servers: "{{ rabbitmq_servers }}" +neutron_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +neutron_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +neutron_rabbitmq_telemetry_userid: "{{ neutron_rabbitmq_userid }}" +neutron_rabbitmq_telemetry_password: "{{ neutron_rabbitmq_password }}" +neutron_rabbitmq_telemetry_vhost: "{{ neutron_rabbitmq_vhost }}" +neutron_rabbitmq_telemetry_port: "{{ neutron_rabbitmq_port }}" +neutron_rabbitmq_telemetry_servers: "{{ neutron_rabbitmq_servers }}" +neutron_rabbitmq_telemetry_use_ssl: "{{ neutron_rabbitmq_use_ssl }}" +neutron_rabbitmq_telemetry_host_group: "{{ neutron_rabbitmq_host_group }}" + +# If there are any Designate hosts in the environment, then enable its usage +neutron_designate_enabled: "{{ (groups['designate_all'] is defined) and (groups['designate_all'] | length > 0) }}" +# If there are any Ceilometer hosts in the environment, then enable its usage +neutron_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" + +neutron_plugin_type: ml2.lxb diff --git a/playbooks/inventory/group_vars/all/nova.yml b/playbooks/inventory/group_vars/all/nova.yml new file mode 100644 index 0000000000..50936c3d9c --- /dev/null +++ b/playbooks/inventory/group_vars/all/nova.yml @@ -0,0 +1,60 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +nova_service_port: 8774 +nova_metadata_port: 8775 +nova_service_proto: http +nova_metadata_protocol: "{{ openstack_service_internaluri_proto | default(nova_service_proto) }}" +nova_metadata_insecure: False +nova_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(nova_service_proto) }}" +nova_service_adminuri: "{{ nova_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ nova_service_port }}" +nova_service_adminurl: "{{ nova_service_adminuri }}/v2.1" +nova_service_region: "{{ service_region }}" +nova_service_user_name: nova +nova_service_project_name: service +nova_service_project_domain_id: default +nova_service_user_domain_id: default +nova_keystone_auth_plugin: password +nova_console_type: spice +nova_novncproxy_port: 6080 +nova_spice_html5proxy_base_port: 6082 +nova_console_port: "{% if nova_console_type == 'spice' %}{{ nova_spice_html5proxy_base_port }}{% else %}{{ nova_novncproxy_port }}{% endif %}" + +# These are here rather than in nova_all because +# both the os_ceilometer and os_nova roles require them + +# RPC +nova_rabbitmq_userid: nova +nova_rabbitmq_vhost: /nova +nova_rabbitmq_port: "{{ rabbitmq_port }}" +nova_rabbitmq_servers: "{{ rabbitmq_servers }}" +nova_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +nova_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +nova_rabbitmq_telemetry_userid: "{{ nova_rabbitmq_userid }}" +nova_rabbitmq_telemetry_password: "{{ nova_rabbitmq_password }}" +nova_rabbitmq_telemetry_vhost: "{{ nova_rabbitmq_vhost }}" +nova_rabbitmq_telemetry_port: "{{ nova_rabbitmq_port }}" +nova_rabbitmq_telemetry_servers: "{{ nova_rabbitmq_servers }}" +nova_rabbitmq_telemetry_use_ssl: "{{ nova_rabbitmq_use_ssl }}" +nova_rabbitmq_telemetry_host_group: "{{ nova_rabbitmq_host_group }}" + +# If there are any Designate hosts in the environment, then enable its usage +nova_designate_enabled: "{{ (groups['designate_all'] is defined) and (groups['designate_all'] | length > 0) }}" +# If there are any Ceilometer hosts in the environment, then enable its usage +nova_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" +# If there are any Barbican hosts in the environment, then enable its usage +nova_barbican_enabled: "{{ (groups['barbican_all'] is defined) and (groups['barbican_all'] | length > 0) }}" diff --git a/playbooks/inventory/group_vars/all/octavia.yml b/playbooks/inventory/group_vars/all/octavia.yml new file mode 100644 index 0000000000..bd5787510c --- /dev/null +++ b/playbooks/inventory/group_vars/all/octavia.yml @@ -0,0 +1,31 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +octavia_service_port: 9876 +octavia_service_proto: http +octavia_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(octavia_service_proto) }}" +octavia_service_internaluri: "{{ octavia_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ octavia_service_port }}" +octavia_service_internalurl: "{{ octavia_service_internaluri }}/v1/%(tenant_id)s" + +octavia_service_user_name: octavia +octavia_service_url: "{{ octavia_service_internaluri }}" + +# RPC +octavia_rabbitmq_userid: octavia +octavia_rabbitmq_vhost: /octavia +octavia_rabbitmq_port: "{{ rabbitmq_port }}" +octavia_rabbitmq_servers: "{{ rabbitmq_servers }}" +octavia_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +octavia_rabbitmq_host_group: "{{ rabbitmq_host_group }}" diff --git a/playbooks/inventory/group_vars/all/pip.yml b/playbooks/inventory/group_vars/all/pip.yml new file mode 100644 index 0000000000..39a3aa5711 --- /dev/null +++ b/playbooks/inventory/group_vars/all/pip.yml @@ -0,0 +1,33 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +pip_install_package_state: "{{ package_state }}" + +# These are pinned to ensure exactly the same behaviour forever! +# These pins are updated through the sources-branch-updater script +pip_packages: + - pip==9.0.1 + - setuptools==33.1.1 + - wheel==0.29.0 + +pip_links: + - { name: "openstack_release", link: "{{ repo_release_path }}/" } +pip_lock_to_internal_repo: "{{ (pip_links | length) >= 1 }}" + +# The upper constraints to apply to all pip installations +pip_install_upper_constraints: "{{ repo_release_path }}/requirements_absolute_requirements.txt" + +# The URL to retrieve the get-pip.py installation script +pip_upstream_url: "{{ (pip_offline_install | bool) | ternary('https://bootstrap.pypa.io/get-pip.py', repo_release_path ~ '/get-pip.py') }}" diff --git a/playbooks/inventory/group_vars/all/sahara.yml b/playbooks/inventory/group_vars/all/sahara.yml new file mode 100644 index 0000000000..d79d0c2694 --- /dev/null +++ b/playbooks/inventory/group_vars/all/sahara.yml @@ -0,0 +1,34 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#RPC +sahara_rabbitmq_userid: sahara +sahara_rabbitmq_vhost: /sahara +sahara_rabbitmq_port: "{{ rabbitmq_port }}" +sahara_rabbitmq_servers: "{{ rabbitmq_servers }}" +sahara_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +sahara_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +sahara_rabbitmq_telemetry_userid: "{{ sahara_rabbitmq_userid }}" +sahara_rabbitmq_telemetry_password: "{{ sahara_rabbitmq_password }}" +sahara_rabbitmq_telemetry_vhost: "{{ sahara_rabbitmq_vhost }}" +sahara_rabbitmq_telemetry_port: "{{ sahara_rabbitmq_port }}" +sahara_rabbitmq_telemetry_servers: "{{ sahara_rabbitmq_servers }}" +sahara_rabbitmq_telemetry_use_ssl: "{{ sahara_rabbitmq_use_ssl }}" +sahara_rabbitmq_telemetry_host_group: "{{ sahara_rabbitmq_host_group }}" + +# If there are any Ceilometer and Sahara hosts in the environment, then enable its usage +sahara_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['sahara_all'] is defined) and (groups['ceilometer_all'] | length > 0) and (groups['sahara_all'] | length > 0) }}" diff --git a/playbooks/inventory/group_vars/all/ssl.yml b/playbooks/inventory/group_vars/all/ssl.yml new file mode 100644 index 0000000000..9ff527b12f --- /dev/null +++ b/playbooks/inventory/group_vars/all/ssl.yml @@ -0,0 +1,21 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +## SSL +# These do not need to be configured unless you're creating certificates for +# services running behind Apache (currently, Horizon and Keystone). +ssl_protocol: "ALL -SSLv2 -SSLv3" +# Cipher suite string from https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ +ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS" diff --git a/playbooks/inventory/group_vars/all/swift.yml b/playbooks/inventory/group_vars/all/swift.yml new file mode 100644 index 0000000000..658759ae3c --- /dev/null +++ b/playbooks/inventory/group_vars/all/swift.yml @@ -0,0 +1,29 @@ +--- +# Copyright 2017, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +swift_proxy_port: 8080 +swift_system_user_name: swift +swift_system_shell: /bin/bash +swift_system_comment: swift system user +swift_system_home_folder: "/var/lib/{{ swift_system_user_name }}" + +# Swift Telemetry notifications +swift_rabbitmq_telemetry_userid: "swift" +swift_rabbitmq_telemetry_vhost: "/swift" +swift_rabbitmq_telemetry_servers: "{{ rabbitmq_servers }}" +swift_rabbitmq_telemetry_host_group: "{{ rabbitmq_host_group }}" + +# If there are any Ceilometer and Swift hosts in the environment, then enable its usage +swift_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['swift_proxy'] is defined) and (groups['ceilometer_all'] | length > 0) and (groups['swift_proxy'] | length > 0) }}" diff --git a/scripts/sources-branch-updater.sh b/scripts/sources-branch-updater.sh index 8161cbd4e7..011078d329 100755 --- a/scripts/sources-branch-updater.sh +++ b/scripts/sources-branch-updater.sh @@ -197,7 +197,7 @@ sed -i.bak "s|^PIP_INSTALL_OPTIONS=.*|PIP_INSTALL_OPTIONS=\$\{PIP_INSTALL_OPTION for pin in ${PIP_CURRENT_OPTIONS}; do sed -i.bak "s|^$(echo ${pin} | cut -f1 -d=).*|${pin}|" global-requirement-pins.txt - sed -i.bak "s|^ - $(echo ${pin} | cut -f1 -d=).*| - ${pin}|" playbooks/inventory/group_vars/all.yml + sed -i.bak "s|^ - $(echo ${pin} | cut -f1 -d=).*| - ${pin}|" playbooks/inventory/group_vars/all/pip.yml done echo "Updated pip install options/pins" @@ -263,13 +263,13 @@ else echo "Skipping the ansible-role-requirements.yml update as we're working on the master branch" fi -# Update the release version in playbooks/inventory/group_vars/all.yml +# Update the release version in playbooks/inventory/group_vars/all/all.yml # We don't want to be doing this for the master branch and we only want # to do it once, so we key off of a specific repo source file name. if [[ "${OSA_BRANCH}" != "master" ]] && [[ "${SERVICE_FILE}" == "playbooks/defaults/repo_packages/openstack_services.yml" ]]; then echo "Updating the release version..." - currentversion=$(awk '/openstack_release:/ {print $2}' playbooks/inventory/group_vars/all.yml) + currentversion=$(awk '/openstack_release:/ {print $2}' playbooks/inventory/group_vars/all/all.yml) # Extract the required version info major_version=$( echo ${currentversion} | cut -d. -f1 ) @@ -279,7 +279,7 @@ if [[ "${OSA_BRANCH}" != "master" ]] && [[ "${SERVICE_FILE}" == "playbooks/defau # increment the patch version patch_version=$(( patch_version + 1 )) - sed -i .bak "s/${currentversion}/${major_version}.${minor_version}.${patch_version}/" playbooks/inventory/group_vars/all.yml + sed -i .bak "s/${currentversion}/${major_version}.${minor_version}.${patch_version}/" playbooks/inventory/group_vars/all/all.yml else echo "Skipping the release version update as we're working on the master branch" fi diff --git a/scripts/update-revision.sh b/scripts/update-revision.sh index 53a31e044e..385bdf734a 100644 --- a/scripts/update-revision.sh +++ b/scripts/update-revision.sh @@ -40,5 +40,5 @@ esac shift done -sed -i.bak "s/^openstack_release\:.*/openstack_release\: ${REVISION}/" playbooks/inventory/group_vars/all.yml +sed -i.bak "s/^openstack_release\:.*/openstack_release\: ${REVISION}/" playbooks/inventory/group_vars/all/all.yml