diff --git a/playbooks/ceph-rgw-install.yml b/playbooks/ceph-rgw-install.yml index c4eaae869b..86b53077d2 100644 --- a/playbooks/ceph-rgw-install.yml +++ b/playbooks/ceph-rgw-install.yml @@ -13,110 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Importing ceph-rgw-keystone-setup playbook - import_playbook: ceph-rgw-keystone-setup.yml - when: (groups[rgw_group_name] is defined and groups[rgw_group_name] | length > 0) or (ceph_rgws | length > 0) - -- name: Gather ceph-rgw facts - hosts: ceph-rgw - gather_facts: "{{ osa_gather_facts | default(True) }}" - tags: - - always - -- name: Install ceph radosgw - hosts: ceph-rgw - gather_facts: false - user: root - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - - name: Including unbound-clients role - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - # Set the priority of the ceph community apt repo either above or below that of UCA or distro sources - - name: Set apt package pins - include_role: - name: apt_package_pinning - vars: - apt_package_pinning_file_name: "ceph_community_pin.pref" - apt_package_pinning_priority: "{{ (ceph_repository == 'community') | ternary(1000, 100) }}" - apt_pinned_packages: [{ package: '*', release: 'ceph.com' }] - when: - - ansible_facts['pkg_mgr'] == 'apt' - - - name: Install python3-yaml - package: - name: "{{ (ansible_facts['os_family'] | lower == 'debian') | ternary('python3-yaml', 'python3-pyyaml') }}" - state: present - - - name: Gather ceph-mon facts - action: setup - delegate_to: "{{ item }}" - delegate_facts: yes - with_items: "{{ groups[mon_group_name] }}" - when: - - inventory_hostname == ansible_play_hosts[0] - tags: - - ceph-mon-facts - - ceph-rgw - - - name: Create and install SSL certificates - include_role: - name: pki - tasks_from: main_certs.yml - apply: - tags: - - ceph-rgw-config - - pki - vars: - pki_setup_host: "{{ ceph_rgw_pki_setup_host }}" - pki_dir: "{{ ceph_rgw_pki_dir }}" - pki_create_certificates: "{{ ceph_rgw_user_ssl_cert is not defined and ceph_rgw_user_ssl_key is not defined }}" - pki_regen_cert: "{{ ceph_rgw_pki_regen_cert }}" - pki_certificates: "{{ ceph_rgw_pki_certificates }}" - pki_install_certificates: "{{ ceph_rgw_pki_install_certificates }}" - when: - - ceph_rgw_backend_ssl - tags: - - always - - roles: - - role: ceph-defaults - tags: - - skip_ansible_lint - - role: ceph-facts - tags: - - skip_ansible_lint - - role: ceph-common - tags: - - skip_ansible_lint - - role: ceph-handler - tags: - - skip_ansible_lint - - role: ceph-config - tags: - - skip_ansible_lint - - role: ceph-rgw - tags: - - skip_ansible_lint - - role: "openstack.osa.system_crontab_coordination" - tags: - - "system-crontab-coordination" - - vars: - is_metal: "{{ properties.is_metal|default(false) }}" - radosgw_civetweb_port: "{{ radosgw_service_port }}" - tags: - - ceph-rgw +- name: Importing ceph_rgw_install playbook + import_playbook: openstack.osa.ceph_rgw_install diff --git a/playbooks/ceph-rgw-keystone-setup.yml b/playbooks/ceph-rgw-keystone-setup.yml index 4c09cdfc08..7697dd2bd3 100644 --- a/playbooks/ceph-rgw-keystone-setup.yml +++ b/playbooks/ceph-rgw-keystone-setup.yml @@ -13,103 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Configure keystone for radosgw - hosts: "{{ openstack_service_setup_host | default('localhost') }}" - user: root - vars: - ansible_python_interpreter: >- - {{ openstack_service_setup_host_python_interpreter | - default((openstack_service_setup_host | - default('localhost') == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }} - tags: - - ceph-rgw - - ceph-rgw-setup - - rgw-service-add - tasks: - - name: Setup installation variables - import_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method | default('source') }}" - tags: - - always - - - name: Add service to the keystone service catalog - openstack.cloud.catalog_service: - cloud: default - state: present - name: "{{ radosgw_service_name }}" - service_type: "{{ radosgw_service_type }}" - description: "{{ radosgw_service_description }}" - interface: admin - verify: "{{ not (keystone_service_adminuri_insecure | bool) }}" - register: add_service - until: add_service is success - retries: 5 - delay: 10 - tags: - - ceph-rgw-setup - - rgw-service-add - - - name: Add service user - openstack.cloud.identity_user: - cloud: default - state: present - name: "{{ radosgw_admin_user }}" - password: "{{ radosgw_admin_password }}" - domain: default - default_project: "{{ radosgw_admin_tenant }}" - interface: admin - verify: "{{ not (keystone_service_adminuri_insecure | bool) }}" - register: add_user - until: add_user is success - retries: 5 - delay: 10 - no_log: True - - - name: Add service user to roles - openstack.cloud.role_assignment: - cloud: default - state: present - user: "{{ radosgw_admin_user }}" - role: "{{ radosgw_role_name | default('admin') }}" - project: "{{ radosgw_admin_tenant }}" - interface: admin - verify: "{{ not (keystone_service_adminuri_insecure | bool) }}" - register: add_user_role - until: add_user_role is success - retries: 5 - delay: 10 - - - name: Add service role - openstack.cloud.identity_role: - cloud: default - state: present - name: "swiftoperator" - interface: admin - verify: "{{ not (keystone_service_adminuri_insecure | bool) }}" - register: add_role - until: add_role is success - retries: 5 - delay: 10 - - - name: Add endpoints to keystone endpoint catalog - openstack.cloud.endpoint: - cloud: default - state: present - service: "{{ radosgw_service_name }}" - endpoint_interface: "{{ item.interface }}" - url: "{{ item.url }}" - region: "{{ radosgw_service_region }}" - interface: admin - verify: "{{ not (keystone_service_adminuri_insecure | bool) }}" - register: add_service - until: add_service is success - retries: 5 - delay: 10 - with_items: - - interface: "public" - url: "{{ radosgw_service_publicurl }}" - - interface: "internal" - url: "{{ radosgw_service_internalurl }}" - - interface: "admin" - url: "{{ radosgw_service_adminurl }}" +- name: Importing ceph_rgw_keystone_setup playbook + import_playbook: openstack.osa.ceph_rgw_keystone_setup diff --git a/playbooks/common-playbooks/cinder.yml b/playbooks/common-playbooks/cinder.yml deleted file mode 100644 index d341a7192b..0000000000 --- a/playbooks/common-playbooks/cinder.yml +++ /dev/null @@ -1,139 +0,0 @@ ---- -# Copyright 2014, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Install cinder services - hosts: "{{ cinder_hosts }}" - serial: "{{ cinder_serial }}" - gather_facts: false - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: cinder_api-back - haproxy_state: disabled - when: - - "'cinder_api' in group_names" - - "groups['cinder_api'] | length > 1" - tags: - - always - - - name: Determine storage bridge IP address - include_role: - name: openstack.osa.dynamic_address_fact - vars: - network_address: "storage_address" - tags: - - always - - - name: Configure container (cinder-volume) when lvm is in-use - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - vars: - extra_container_config: - - "lxc.autodev=0" - - "lxc.cgroup.devices.allow=a *:* rmw" - - "lxc.mount.entry=udev dev devtmpfs defaults 0 0" - extra_container_config_no_restart: - - "lxc.start.order=39" - when: - - "not is_metal" - - "'cinder_volume' in group_names" - - "cinder_backend_lvm_inuse | bool" - - - name: Configure container (other services) - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: - - "not is_metal" - - "not ( 'cinder_volume' in group_names and cinder_backend_lvm_inuse | bool )" - - - name: Including unbound-clients tasks - include_tasks: ../common-tasks/unbound-clients.yml - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - - name: Add volume group block device to cinder # noqa: no-changed-when - shell: | - set -o pipefail - {% if item.value.volume_group is defined %} - if [ "$(pvdisplay | grep -B1 {{ item.value.volume_group }} | awk '/PV/ {print $3}')" ];then - for device in `pvdisplay | grep -B1 {{ item.value.volume_group }} | awk '/PV/ {print $3}'` - do lxc-device -n {{ container_name }} add $device - done - fi - {% else %} - echo "{{ item.key }} volume_group not defined" - {% endif %} - args: - executable: /bin/bash - with_dict: "{{ cinder_backends | default({}) }}" - when: - - container_tech | default('lxc') == 'lxc' - - physical_host != container_name - - cinder_backend_lvm_inuse | bool - delegate_to: "{{ physical_host }}" - - - name: Trigger udevadm # noqa: no-changed-when - command: udevadm trigger - delegate_to: "{{ physical_host }}" - when: cinder_backend_lvm_inuse | bool - - roles: - - role: "os_cinder" - cinder_storage_address: "{{ storage_address }}" - - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: cinder_api-back - haproxy_state: enabled - when: - - "'cinder_api' in group_names" - - "groups['cinder_api'] | length > 1" - tags: - - always diff --git a/playbooks/common-playbooks/neutron.yml b/playbooks/common-playbooks/neutron.yml deleted file mode 100644 index 8b8c4711b9..0000000000 --- a/playbooks/common-playbooks/neutron.yml +++ /dev/null @@ -1,112 +0,0 @@ ---- -# Copyright 2014, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Install neutron services - hosts: "{{ neutron_hosts }}" - serial: "{{ neutron_serial }}" - gather_facts: false - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: neutron_server-back - haproxy_state: disabled - when: - - "'neutron_server' in group_names" - - "groups['neutron_server'] | length > 1" - tags: - - always - - - name: Determine tunnel bridge IP address - include_role: - name: openstack.osa.dynamic_address_fact - vars: - network_address: "tunnel_address" - tags: - - always - - - name: Configure container (neutron-agent) - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - vars: - list_of_bind_mounts: - - bind_dir_path: "{{ (ansible_facts['pkg_mgr'] == 'apt') | ternary('/lib/modules', '/usr/lib/modules') }}" - mount_path: "{{ (ansible_facts['pkg_mgr'] == 'apt') | ternary('/lib/modules', '/usr/lib/modules') }}" - extra_container_config: - - "lxc.cgroup.devices.allow=a *:* rmw" - extra_container_config_no_restart: - - "lxc.start.order=29" - when: - - "not is_metal" - - "'neutron_agent' in group_names" - - - name: Configure container (other services) - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: - - "not is_metal" - - "'neutron_agent' not in group_names" - - - name: Including unbound-clients tasks - include_tasks: ../common-tasks/unbound-clients.yml - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_neutron" - - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: neutron_server-back - haproxy_state: enabled - when: - - "'neutron_server' in group_names" - - "groups['neutron_server'] | length > 1" - tags: - - always diff --git a/playbooks/os-adjutant-install.yml b/playbooks/os-adjutant-install.yml index 739ed86c1e..c3e6388000 100644 --- a/playbooks/os-adjutant-install.yml +++ b/playbooks/os-adjutant-install.yml @@ -13,88 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather adjutant facts - hosts: adjutant_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: adjutant_api - service_variable: "adjutant_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install adjutant services - hosts: adjutant_all - gather_facts: false - serial: "{{ adjutant_api_serial | default(['1','100%']) }}" - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: adjutant_api-back - haproxy_state: disabled - when: - - "'adjutant_api' in group_names" - - "groups['adjutant_api'] | length > 1" - tags: - - always - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_adjutant" - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: adjutant_api-back - haproxy_state: enabled - when: - - "'adjutant_api' in group_names" - - "groups['adjutant_api'] | length > 1" - tags: - - always +- name: Importing adjutant playbook + import_playbook: openstack.osa.adjutant diff --git a/playbooks/os-aodh-install.yml b/playbooks/os-aodh-install.yml index ef6681046f..440a9844b5 100644 --- a/playbooks/os-aodh-install.yml +++ b/playbooks/os-aodh-install.yml @@ -13,94 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather aodh facts - hosts: aodh_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: aodh_api - service_variable: "aodh_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install the aodh components - hosts: aodh_all - gather_facts: false - serial: "{{ aodh_serial | default(['1','100%']) }}" - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: aodh_api-back - haproxy_state: disabled - when: - - "'aodh_api' in group_names" - - "groups['aodh_api'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_aodh" - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: aodh_api-back - haproxy_state: enabled - when: - - "'aodh_api' in group_names" - - "groups['aodh_api'] | length > 1" - tags: - - always +- name: Importing aodh playbook + import_playbook: openstack.osa.aodh diff --git a/playbooks/os-barbican-install.yml b/playbooks/os-barbican-install.yml index 4c7afa5edf..f6697d279d 100644 --- a/playbooks/os-barbican-install.yml +++ b/playbooks/os-barbican-install.yml @@ -13,92 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather barbican facts - hosts: barbican_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: barbican_api - service_variable: "barbican_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Installation and setup of barbican - hosts: barbican_all - gather_facts: false - serial: "{{ barbican_serial | default(['1','100%']) }}" - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: barbican-back - haproxy_state: disabled - when: - - "'barbican_api' in group_names" - - "groups['barbican_api'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - roles: - - role: "os_barbican" - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: barbican-back - haproxy_state: enabled - when: - - "'barbican_api' in group_names" - - "groups['barbican_api'] | length > 1" - tags: - - always +- name: Importing barbican playbook + import_playbook: openstack.osa.barbican diff --git a/playbooks/os-blazar-install.yml b/playbooks/os-blazar-install.yml index ad09692579..5d1234aca4 100644 --- a/playbooks/os-blazar-install.yml +++ b/playbooks/os-blazar-install.yml @@ -13,96 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather blazar facts - hosts: blazar_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: blazar_api - service_variable: "blazar_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install blazar components - hosts: blazar_all - gather_facts: false - serial: "{{ blazar_serial | default(['1','100%']) }}" - environment: "{{ deployment_environment_variables | default({}) }}" - user: root - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: blazar_api-back - haproxy_state: disabled - when: - - "'blazar_api' in group_names" - - "groups['blazar_api'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_blazar" - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: blazar_api-back - haproxy_state: enabled - when: - - "'blazar_api' in group_names" - - "groups['blazar_api'] | length > 1" - tags: - - always +- name: Importing blazar playbook + import_playbook: openstack.osa.blazar diff --git a/playbooks/os-ceilometer-install.yml b/playbooks/os-ceilometer-install.yml index e3415e67a3..749a9d794b 100644 --- a/playbooks/os-ceilometer-install.yml +++ b/playbooks/os-ceilometer-install.yml @@ -13,45 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather ceilometer facts - hosts: ceilometer_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Install the ceilometer components - hosts: ceilometer_all - gather_facts: false - serial: "{{ ceilometer_serial | default(['1','100%']) }}" - user: root - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - roles: - - role: "os_ceilometer" - - environment: "{{ deployment_environment_variables | default({}) }}" +- name: Importing ceilometer playbook + import_playbook: openstack.osa.ceilometer diff --git a/playbooks/os-cinder-install.yml b/playbooks/os-cinder-install.yml index 1a30c3228a..9adbdae7a4 100644 --- a/playbooks/os-cinder-install.yml +++ b/playbooks/os-cinder-install.yml @@ -13,56 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather cinder facts - hosts: cinder_all - gather_facts: false - tags: - - always - tasks: - - name: Gather minimal facts for cinder - setup: - gather_subset: - - "!all" - - min - when: osa_gather_facts | default(True) - - - name: Gather additional facts for cinder - setup: - gather_subset: "{{ cinder_gather_subset | default('processor_count') }}" - filter: "{{ cinder_gather_filter | default('ansible_processor*') }}" - when: osa_gather_facts | default(True) - -- name: Install cinder scheduler services - import_playbook: common-playbooks/cinder.yml - vars: - cinder_hosts: "cinder_scheduler:!cinder_api" - cinder_serial: "{{ cinder_scheduler_serial | default(['1', '100%']) }}" - -- name: Install cinder volume services - import_playbook: common-playbooks/cinder.yml - vars: - cinder_hosts: "cinder_volume:!cinder_scheduler:!cinder_api" - cinder_serial: "{{ cinder_backend_serial | default(['1', '100%']) }}" - -- name: Install cinder backup services - import_playbook: common-playbooks/cinder.yml - vars: - cinder_hosts: "cinder_backup:!cinder_volume:!cinder_scheduler:!cinder_api" - cinder_serial: "{{ cinder_backend_serial | default(['1', '100%']) }}" - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: cinder_api - service_variable: "cinder_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install cinder API services - import_playbook: common-playbooks/cinder.yml - vars: - cinder_hosts: "cinder_api" - cinder_serial: "{{ cinder_api_serial | default(['1', '100%']) }}" +- name: Importing cinder playbook + import_playbook: openstack.osa.cinder diff --git a/playbooks/os-cloudkitty-install.yml b/playbooks/os-cloudkitty-install.yml index 44c01d80c8..d5d790888e 100644 --- a/playbooks/os-cloudkitty-install.yml +++ b/playbooks/os-cloudkitty-install.yml @@ -13,89 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. - -- name: Gather cloudkitty facts - hosts: cloudkitty_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: cloudkitty_api - service_variable: "cloudkitty_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install cloudkitty services - hosts: cloudkitty_all - serial: "{{ cloudkitty_api_serial | default(['1', '100%']) }}" - gather_facts: false - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: cloudkitty_api-back - haproxy_state: disabled - when: - - "'cloudkitty_api' in group_names" - - "groups['cloudkitty_api'] | length > 1" - tags: - - always - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_cloudkitty" - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: cloudkitty_api-back - haproxy_state: enabled - when: - - "'cloudkitty_api' in group_names" - - "groups['cloudkitty_api'] | length > 1" - tags: - - always +- name: Importing cloudkitty playbook + import_playbook: openstack.osa.cloudkitty diff --git a/playbooks/os-designate-install.yml b/playbooks/os-designate-install.yml index 59ed1de657..80b0cc18c4 100644 --- a/playbooks/os-designate-install.yml +++ b/playbooks/os-designate-install.yml @@ -16,92 +16,5 @@ # (c) 2016 Donovan Francesco # (c) 2016 Paul Stevens -- name: Gather designate facts - hosts: designate_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: designate_api - service_variable: "designate_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install designate server - hosts: designate_all - gather_facts: false - serial: "{{ designate_serial | default(['1','100%']) }}" - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: designate_api-back - haproxy_state: disabled - when: - - "'designate_api' in group_names" - - "groups['designate_api'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - roles: - - role: "os_designate" - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: designate_api-back - haproxy_state: enabled - when: - - "'designate_api' in group_names" - - "groups['designate_api'] | length > 1" - tags: - - always +- name: Importing designate playbook + import_playbook: openstack.osa.designate diff --git a/playbooks/os-glance-install.yml b/playbooks/os-glance-install.yml index 0ebdbe9360..009c040f69 100644 --- a/playbooks/os-glance-install.yml +++ b/playbooks/os-glance-install.yml @@ -13,108 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather glance facts - hosts: "glance_all" - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: glance_api - service_variable: "glance_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install glance services - hosts: "glance_all" - serial: "{{ glance_api_serial | default(['1', '100%']) }}" - gather_facts: false - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: glance_api-back - haproxy_state: disabled - when: - - "'glance_api' in group_names" - - "groups['glance_api'] | length > 1" - tags: - - always - - - name: Configure container (local storage bind mount from host) - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - vars: - list_of_bind_mounts: "{{ glance_container_bind_mounts }}" - when: - - not is_metal - - glance_default_store == "file" - - (glance_remote_client is not defined) or (glance_remote_client | length == 0) - - - name: Configure container (remote storage) - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: - - not is_metal - - (glance_default_store != "file") or (glance_remote_client is defined) - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_glance" - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: glance_api-back - haproxy_state: enabled - when: - - "'glance_api' in group_names" - - "groups['glance_api'] | length > 1" - tags: - - always +- name: Importing glance playbook + import_playbook: openstack.osa.glance diff --git a/playbooks/os-gnocchi-install.yml b/playbooks/os-gnocchi-install.yml index 893f98890a..97d776e400 100644 --- a/playbooks/os-gnocchi-install.yml +++ b/playbooks/os-gnocchi-install.yml @@ -13,96 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather gnocchi facts - hosts: gnocchi_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: gnocchi_api - service_variable: "gnocchi_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install Gnocchi components - hosts: gnocchi_all - gather_facts: false - serial: "{{ gnocchi_serial | default(['1','100%']) }}" - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: gnocchi-back - haproxy_state: disabled - when: - - "'gnocchi_all' in group_names" - - "groups['gnocchi_all'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - vars: - list_of_bind_mounts: "{{ gnocchi_container_bind_mounts }}" - when: - - not is_metal - - (gnocchi_storage_driver | default('file')) != "file" - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - roles: - - role: "os_gnocchi" - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: gnocchi-back - haproxy_state: enabled - when: - - "'gnocchi_all' in group_names" - - "groups['gnocchi_all'] | length > 1" - tags: - - always +- name: Importing gnocchi playbook + import_playbook: openstack.osa.gnocchi diff --git a/playbooks/os-heat-install.yml b/playbooks/os-heat-install.yml index 7275432ae8..8390305c04 100644 --- a/playbooks/os-heat-install.yml +++ b/playbooks/os-heat-install.yml @@ -13,95 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather heat facts - hosts: heat_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: heat_api - service_variable: "heat_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install heat server - hosts: heat_all - gather_facts: false - serial: "{{ heat_serial | default(['1','100%']) }}" - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: heat_api-back - haproxy_state: disabled - when: - - "'heat_api' in group_names" - - "groups['heat_api'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - roles: - - role: "os_heat" - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: heat_api-back - haproxy_state: enabled - when: - - "'heat_api' in group_names" - - "groups['heat_api'] | length > 1" - tags: - - always +- name: Importing heat playbook + import_playbook: openstack.osa.heat diff --git a/playbooks/os-horizon-install.yml b/playbooks/os-horizon-install.yml index 4163e253d3..d0724db1e0 100644 --- a/playbooks/os-horizon-install.yml +++ b/playbooks/os-horizon-install.yml @@ -13,94 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather horizon facts - hosts: horizon_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: horizon_all - service_variable: "horizon_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install horizon server - hosts: horizon_all - gather_facts: false - serial: "{{ horizon_serial | default(['1','100%']) }}" - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: horizon-back - haproxy_state: disabled - when: - - "'horizon_all' in group_names" - - "groups['horizon_all'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - roles: - - role: "os_horizon" - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: horizon-back - haproxy_state: enabled - when: - - "'horizon_all' in group_names" - - "groups['horizon_all'] | length > 1" - tags: - - always +- name: Importing horizon playbook + import_playbook: openstack.osa.horizon diff --git a/playbooks/os-ironic-install.yml b/playbooks/os-ironic-install.yml index f725d6510f..7691747dff 100644 --- a/playbooks/os-ironic-install.yml +++ b/playbooks/os-ironic-install.yml @@ -13,95 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather ironic facts - hosts: ironic_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: ironic_api - service_variable: "ironic_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Installation and setup of Ironic - hosts: ironic_all - gather_facts: false - serial: "{{ ironic_serial | default(['1','100%']) }}" - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: ironic_api-back - haproxy_state: disabled - when: - - "'ironic_api' in group_names" - - "groups['ironic_api'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - roles: - - role: "os_ironic" - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: ironic_api-back - haproxy_state: enabled - when: - - "'ironic_api' in group_names" - - "groups['ironic_api'] | length > 1" - tags: - - always +- name: Importing ironic playbook + import_playbook: openstack.osa.ironic diff --git a/playbooks/os-keystone-install.yml b/playbooks/os-keystone-install.yml index 27efa14929..4c2f1f30a6 100644 --- a/playbooks/os-keystone-install.yml +++ b/playbooks/os-keystone-install.yml @@ -13,230 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. - -# The openstack_openrc role gets executed on a designated service -# host which will handle all service/user/domain/project/role -# management for the roles. It is executed here as this is the -# first role which will use it and the implementation of the -# clouds.yaml file is useless until keystone is in place. -- name: Implement openrc/clouds.yaml on the designated service host - hosts: "{{ openstack_service_setup_host | default('localhost') }}" - gather_facts: "{{ osa_gather_facts | default(True) }}" - become: yes - tags: - - openrc - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - roles: - - role: "openstack_openrc" - -- name: Gather keystone facts - hosts: keystone_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Pre-service deployment - hosts: keystone_all - gather_facts: false - environment: "{{ deployment_environment_variables | default({}) }}" - tasks: - - name: "Pre-service deployment tasks from os_keystone role" - include_role: - name: os_keystone - tasks_from: main_pre.yml - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: keystone_all - service_variable: "keystone_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Installation and setup of Keystone - hosts: keystone_all - serial: "{{ keystone_serial | default(['1', '100%']) }}" - gather_facts: false - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: "keystone_service-back" - haproxy_state: disabled - when: - - "'keystone_all' in group_names" - - "groups['keystone_all'] | length > 1" - tags: - - always - - - name: Configure container - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - vars: - extra_container_config_no_restart: - - "lxc.start.order=19" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_keystone" - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: "keystone_service-back" - haproxy_state: enabled - when: - - "'keystone_all' in group_names" - - "groups['keystone_all'] | length > 1" - tags: - - always - -# These facts are set against the deployment host to ensure that -# they are fast to access. This is done in preference to setting -# them against each target as the hostvars extraction will take -# a long time if executed against a large inventory. -- name: Finalise data migrations if required - hosts: keystone_all - gather_facts: no - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - - name: Refresh local facts - setup: - filter: ansible_local - gather_subset: "!all" - - # This variable contains the values of the local fact set for the keystone - # venv tag for all hosts in the 'keystone_all' host group. - - name: Gather software version list - set_fact: - keystone_all_software_versions: "{{ (groups['keystone_all'] | - map('extract', hostvars, ['ansible_local', 'openstack_ansible', 'keystone', 'venv_tag'])) | - list }}" - delegate_to: localhost - run_once: yes - - # This variable outputs a boolean value which is True when - # keystone_all_software_versions contains a list of defined - # values. If they are not defined, it means that not all - # hosts have their software deployed yet. - - name: Set software deployed fact - set_fact: - keystone_all_software_deployed: "{{ (keystone_all_software_versions | select('defined')) | list == keystone_all_software_versions }}" - delegate_to: localhost - run_once: yes - - # This variable outputs a boolean when all the values in - # keystone_all_software_versions are the same and the software - # has been deployed to all hosts in the group. - - name: Set software updated fact - set_fact: - keystone_all_software_updated: "{{ ((keystone_all_software_versions | unique) | length == 1) and (keystone_all_software_deployed | bool) }}" - delegate_to: localhost - run_once: yes - - - name: Perform a Keystone DB sync contract - command: "{{ keystone_bin }}/keystone-manage db_sync --contract" # noqa: no-changed-when - become: yes - become_user: "{{ keystone_system_user_name | default('keystone') }}" - when: - - "keystone_all_software_updated | bool" - - "ansible_local['openstack_ansible']['keystone']['need_db_contract'] | bool" - register: dbsync_contract - run_once: yes - - - name: Disable the need for any further db sync - ini_file: - dest: "/etc/ansible/facts.d/openstack_ansible.fact" - section: keystone - option: "need_db_contract" - value: "False" - mode: "0644" - when: - - "dbsync_contract is succeeded" - -# note(jrosser) this can only be done once the DB contract has completed so we must put it as -# the last part of the keystone setup -- name: SP/IDP setup - hosts: keystone_all - gather_facts: no - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - - - name: "Post configure SP/IDP" - include_role: - name: os_keystone - tasks_from: main_keystone_federation_sp_idp_setup.yml +- name: Importing keystone playbook + import_playbook: openstack.osa.keystone diff --git a/playbooks/os-magnum-install.yml b/playbooks/os-magnum-install.yml index b89fe2a1b3..8b0cc42b7d 100644 --- a/playbooks/os-magnum-install.yml +++ b/playbooks/os-magnum-install.yml @@ -16,93 +16,5 @@ # (c) 2016 Donovan Francesco # (c) 2016 Paul Stevens -- name: Gather magnum facts - hosts: magnum_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: magnum_all - service_variable: "magnum_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install magnum server - hosts: magnum_all - user: root - gather_facts: false - serial: "{{ magnum_serial | default(['1','100%']) }}" - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: magnum-back - haproxy_state: disabled - when: - - "'magnum_all' in group_names" - - "groups['magnum_all'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_magnum" - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: magnum-back - haproxy_state: enabled - when: - - "'magnum_all' in group_names" - - "groups['magnum_all'] | length > 1" - tags: - - always +- name: Importing magnum playbook + import_playbook: openstack.osa.magnum diff --git a/playbooks/os-manila-install.yml b/playbooks/os-manila-install.yml index ac697bd4a5..881fdff6a4 100644 --- a/playbooks/os-manila-install.yml +++ b/playbooks/os-manila-install.yml @@ -13,119 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Install ganesha-nfs - import_playbook: ceph-nfs-install.yml - -- name: Gather manila facts - hosts: manila_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - serial: "{{ manila_serial | default(['1','100%']) }}" - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: manila_api - service_variable: "manila_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install manila API services - hosts: manila_api:manila_scheduler - gather_facts: false - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - args: - apply: - tags: - - always - tags: - - always - - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: manila-back - haproxy_state: disabled - when: - - "'manila_api' in group_names" - - "groups['manila_api'] | length > 1" - tags: - - always - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_manila" - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: manila-back - haproxy_state: enabled - when: - - "'manila_api' in group_names" - - "groups['manila_api'] | length > 1" - tags: - - always - -- name: Install manila data services - hosts: manila_data:manila_share - gather_facts: false - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_manila" +- name: Importing manila playbook + import_playbook: openstack.osa.manila diff --git a/playbooks/os-masakari-install.yml b/playbooks/os-masakari-install.yml index d42f5255b9..e93c61bcb8 100644 --- a/playbooks/os-masakari-install.yml +++ b/playbooks/os-masakari-install.yml @@ -13,126 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather masakari facts - hosts: masakari_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tags: - - always - -- name: Setup corosync cluster - hosts: masakari_monitor - gather_facts: false - serial: "{{ masakari_monitor_serial | default('100%') }}" - user: root - vars: - pacemaker_corosync_group: masakari_monitor - pacemaker_corosync_ring_interface: "{{ masakari_monitor_corosync_multicast_interface }}" - haveged_enabled: false - pre_tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - vars: - deployment_extra_facts_filter: "{{ 'ansible_' ~ pacemaker_corosync_ring_interface | replace('-','_') }}" - deployment_extra_facts_subset: "!all,network" - args: - apply: - tags: - - always - tags: - - always - roles: - - role: "pacemaker_corosync" - tags: pacemaker-corosync - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: masakari_api - service_variable: "masakari_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install the masakari components - hosts: masakari_all - gather_facts: false - serial: "{{ masakari_api_serial | default(['1','100%']) }}" - user: root - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - args: - apply: - tags: - - always - tags: - - always - - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: masakari_api-back - haproxy_state: disabled - when: - - "'masakari_api' in group_names" - - "groups['masakari_api'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_masakari" - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: masakari_api-back - haproxy_state: enabled - when: - - "'masakari_api' in group_names" - - "groups['masakari_api'] | length > 1" - tags: - - always - - environment: "{{ deployment_environment_variables | default({}) }}" +- name: Importing masakari playbook + import_playbook: openstack.osa.masakari diff --git a/playbooks/os-mistral-install.yml b/playbooks/os-mistral-install.yml index 44dabd1e36..ac400a5946 100644 --- a/playbooks/os-mistral-install.yml +++ b/playbooks/os-mistral-install.yml @@ -13,97 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather mistral facts - hosts: mistral_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: mistral_api - service_variable: "mistral_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install mistral components - hosts: mistral_all - gather_facts: false - serial: "{{ mistral_serial | default(['1','100%']) }}" - environment: "{{ deployment_environment_variables | default({}) }}" - user: root - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: mistral-back - haproxy_state: disabled - when: - - "'mistral_all' in group_names" - - "groups['mistral_all'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_mistral" - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: mistral-back - haproxy_state: enabled - when: - - "'mistral_all' in group_names" - - "groups['mistral_all'] | length > 1" - tags: - - always +- name: Importing mistral playbook + import_playbook: openstack.osa.mistral diff --git a/playbooks/os-neutron-install.yml b/playbooks/os-neutron-install.yml index 8248ff1291..0767607bfe 100644 --- a/playbooks/os-neutron-install.yml +++ b/playbooks/os-neutron-install.yml @@ -13,66 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather neutron facts - hosts: neutron_all - gather_facts: false - tags: - - always - tasks: - - name: Gather minimal facts for neutron - setup: - gather_subset: - - "!all" - - min - when: osa_gather_facts | default(True) - - - name: Gather additional facts for neutron - setup: - gather_subset: "{{ neutron_gather_subset | default('processor_count') }}" - filter: "{{ neutron_gather_filter | default('ansible_processor*') }}" - when: osa_gather_facts | default(True) - -- name: Configure Neutron dynamic host groupings - hosts: localhost - gather_facts: no - tasks: - - name: Add hosts to dynamic inventory group - add_host: - group: "{{ dest_group }}" - name: "{{ item }}" - with_items: "{{ groups[src_group] }}" - when: - - "group_when | default(True)" - vars: - src_group: "nova_compute" - dest_group: "neutron_l3_agent, neutron_metadata_agent" - group_when: "{{ (neutron_plugin_type | default('ml2.ovn') == 'ml2.ovs.dvr') }}" - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: neutron_server - service_variable: "neutron_haproxy_services" - when: - - groups[service_group] - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install neutron server - import_playbook: common-playbooks/neutron.yml - vars: - neutron_hosts: "neutron_server" - neutron_serial: "{{ neutron_server_serial | default(['1', '100%']) }}" - -- name: Install neutron L2 agents - import_playbook: common-playbooks/neutron.yml - vars: - neutron_hosts: "neutron_linuxbridge_agent:neutron_openvswitch_agent:!neutron_server" - neutron_serial: "{{ neutron_agent_serial | default('50%') }}" - -- name: Install all other neutron agents - import_playbook: common-playbooks/neutron.yml - vars: - neutron_hosts: "neutron_all:!neutron_linuxbridge_agent:!neutron_openvswitch_agent:!neutron_server" - neutron_serial: "{{ neutron_other_serial | default('1') }}" +- name: Importing neutron playbook + import_playbook: openstack.osa.neutron diff --git a/playbooks/os-nova-install.yml b/playbooks/os-nova-install.yml index 6369ede738..57f7b5c392 100644 --- a/playbooks/os-nova-install.yml +++ b/playbooks/os-nova-install.yml @@ -13,266 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather nova facts - hosts: nova_all - gather_facts: false - tags: - - always - tasks: - - name: Gather minimal facts for nova - setup: - gather_subset: - - "!all" - - min - when: osa_gather_facts | default(True) - - - name: Gather additional facts for nova - setup: - gather_subset: "{{ nova_gather_subset | default('processor_count') }}" - filter: "{{ nova_gather_filter | default('ansible_processor*') }}" - when: osa_gather_facts | default(True) - -- name: "Config haproxy service" - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: - - nova_api_os_compute - - nova_api_metadata - - nova_console - - nova_ironic_console - service_variable: "nova_haproxy_services" - when: - - groups['nova_all'] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install nova control-plane services - hosts: "nova_conductor:nova_scheduler:nova_api_os_compute:nova_api_metadata:nova_console" - serial: "{{ nova_conductor_serial | default(['1', '100%']) }}" - gather_facts: false - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - # Enable execution of ceph_client on the nova compute hosts if cinder RBD - # backends are used. This is necessary to ensure that volume-backed Nova - # instances can function when RBD is the volume backend. - - name: Set cinder RBD inuse fact - set_fact: - nova_cinder_rbd_inuse: "{{ True in groups['cinder_volume'] | map('extract', hostvars, 'cinder_backend_rbd_inuse') }}" - delegate_to: localhost - delegate_facts: True - when: - - "'nova_compute' in group_names" - - "inventory_hostname == ((groups['nova_compute'] | intersect(ansible_play_hosts)) | list)[0]" - - "hostvars['localhost']['nova_cinder_rbd_inuse'] is not defined" - tags: - - always - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: "{{ backend_name }}-back" - haproxy_state: disabled - loop_control: - loop_var: backend_name - when: - - "backend_name in group_names" - - "groups[backend_name] | length > 1" - with_items: - - "nova_api_metadata" - - "nova_api_os_compute" - - "nova_console" - tags: - - always - - - name: Configure container - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - vars: - extra_container_config_no_restart: - - "lxc.start.order=39" - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_nova" - nova_management_address: "{{ management_address }}" - nova_cinder_rbd_inuse: "{{ hostvars['localhost']['nova_cinder_rbd_inuse'] | default(False) }}" - - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: "{{ backend_name }}-back" - haproxy_state: enabled - loop_control: - loop_var: backend_name - when: - - "backend_name in group_names" - - "groups[backend_name] | length > 1" - with_items: - - "nova_api_metadata" - - "nova_api_os_compute" - - "nova_console" - tags: - - always - - -- name: Install nova compute services - hosts: "nova_compute:!nova_conductor:!nova_scheduler:!nova_api_os_compute:!nova_api_metadata:!nova_console" - serial: "{{ nova_compute_serial | default('100%') }}" - gather_facts: false - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - - # Enable execution of ceph_client on the nova compute hosts if cinder RBD - # backends are used. This is necessary to ensure that volume-backed Nova - # instances can function when RBD is the volume backend. - - name: Set cinder RBD inuse fact - set_fact: - nova_cinder_rbd_inuse: "{{ True in groups['cinder_volume'] | map('extract', hostvars, 'cinder_backend_rbd_inuse') }}" - delegate_to: localhost - delegate_facts: True - when: - - "'nova_compute' in group_names" - - "inventory_hostname == ((groups['nova_compute'] | intersect(ansible_play_hosts)) | list)[0]" - - "hostvars['localhost']['nova_cinder_rbd_inuse'] is not defined" - tags: - - always - - - name: Configure container - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - vars: - extra_container_config_no_restart: - - "lxc.start.order=39" - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - - name: Add nbd devices to the compute - shell: | - for i in /dev/nbd*;do - lxc-device -n {{ container_name }} add $i $i - done - failed_when: false - register: device_add - changed_when: > - 'added' in device_add.stdout.lower() - delegate_to: "{{ physical_host }}" - when: - - container_tech | default('lxc') == 'lxc' - - "'nova_compute' in group_names" - - "not is_metal | bool" - tags: - - always - - - name: Add net/tun device to the compute # noqa: no-changed-when - command: | - lxc-device -n {{ container_name }} add /dev/net/tun /dev/net/tun - delegate_to: "{{ physical_host }}" - when: - - container_tech | default('lxc') == 'lxc' - - "'nova_compute' in group_names" - - "not is_metal | bool" - tags: - - always - - - name: Check if kvm device exists - stat: - path: /dev/kvm - delegate_to: "{{ physical_host }}" - register: kvm_device - when: - - container_tech | default('lxc') == 'lxc' - - "'nova_compute' in group_names" - - "not is_metal | bool" - tags: - - always - - - name: Add kvm device to the compute - command: | - lxc-device -n {{ container_name }} add /dev/kvm /dev/kvm - delegate_to: "{{ physical_host }}" - register: device_add - failed_when: false - changed_when: > - 'added' in device_add.stdout.lower() - when: - - container_tech | default('lxc') == 'lxc' - - "'nova_compute' in group_names" - - "not is_metal | bool" - - "'ischr' in kvm_device.stat and kvm_device.stat.ischr | bool" - tags: - - always - - roles: - - role: "os_nova" - nova_management_address: "{{ management_address }}" - nova_cinder_rbd_inuse: "{{ hostvars['localhost']['nova_cinder_rbd_inuse'] | default(False) }}" - - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - -- name: Finalize nova setup - hosts: nova_conductor[0] - gather_facts: false - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - - - name: Running db_post_setup tasks from the role - import_role: - name: os_nova - tasks_from: nova_db_post_setup.yml +- name: Importing nova playbook + import_playbook: openstack.osa.nova diff --git a/playbooks/os-octavia-install.yml b/playbooks/os-octavia-install.yml index b1b95ac202..df02fc0704 100644 --- a/playbooks/os-octavia-install.yml +++ b/playbooks/os-octavia-install.yml @@ -13,96 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather octavia facts - hosts: octavia_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: octavia-api - service_variable: "octavia_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install octavia server - hosts: octavia_all - gather_facts: false - serial: "{{ octavia_serial | default(['1','100%']) }}" - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: octavia-back - haproxy_state: disabled - when: - - "'octavia_all' in group_names" - - "groups['octavia_all'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - roles: - - role: "os_octavia" - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: octavia-back - haproxy_state: enabled - when: - - "'octavia_all' in group_names" - - "groups['octavia_all'] | length > 1" - tags: - - always +- name: Importing octavia playbook + import_playbook: openstack.osa.octavia diff --git a/playbooks/os-placement-install.yml b/playbooks/os-placement-install.yml index 2bee26b634..977b625ba2 100644 --- a/playbooks/os-placement-install.yml +++ b/playbooks/os-placement-install.yml @@ -13,96 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather placement facts - hosts: placement_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: placement_api - service_variable: "placement_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install placement components - hosts: placement_all - gather_facts: false - serial: "{{ placement_api_serial | default(['1','100%']) }}" - environment: "{{ deployment_environment_variables | default({}) }}" - user: root - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: placement-back - haproxy_state: disabled - when: - - "'placement_all' in group_names" - - "groups['placement_all'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - roles: - - role: "os_placement" - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: placement-back - haproxy_state: enabled - when: - - "'placement_all' in group_names" - - "groups['placement_all'] | length > 1" - tags: - - always +- name: Importing placement playbook + import_playbook: openstack.osa.placement diff --git a/playbooks/os-rally-install.yml b/playbooks/os-rally-install.yml index 8f8cf34a2f..873c05bdd8 100644 --- a/playbooks/os-rally-install.yml +++ b/playbooks/os-rally-install.yml @@ -13,37 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather rally facts - hosts: utility_all[0] - gather_facts: "{{ osa_gather_facts | default(True) }}" - tags: - - always - -- name: Installation and setup of Rally - hosts: utility_all[0] - gather_facts: false - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - - name: End playbook - meta: end_play - when: - - (not (rally_install | default(false)) | bool) - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - roles: - - role: "os_rally" +- name: Importing rally playbook + import_playbook: openstack.osa.rally diff --git a/playbooks/os-skyline-install.yml b/playbooks/os-skyline-install.yml index dc3e88a28c..65740b5c9e 100644 --- a/playbooks/os-skyline-install.yml +++ b/playbooks/os-skyline-install.yml @@ -13,59 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather skyline facts - hosts: skyline_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: skyline_all - service_variable: "skyline_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install skyline components - hosts: skyline_all - gather_facts: false - serial: "{{ skyline_api_serial | default(['1','100%']) }}" - environment: "{{ deployment_environment_variables | default({}) }}" - user: root - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_skyline" - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab +- name: Importing skyline playbook + import_playbook: openstack.osa.skyline diff --git a/playbooks/os-swift-install.yml b/playbooks/os-swift-install.yml index 409daae887..f2820b7095 100644 --- a/playbooks/os-swift-install.yml +++ b/playbooks/os-swift-install.yml @@ -13,70 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather swift facts - hosts: swift_all:swift_remote_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: swift_all - service_variable: "swift_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Installation and setup of Swift - hosts: swift_all:swift_remote_all - gather_facts: false - user: root - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - vars: - extra_container_config_no_restart: - - "lxc.start.order=39" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_swift" - swift_do_setup: True - swift_do_sync: True - environment: "{{ deployment_environment_variables | default({}) }}" - -- name: Installation and setup of Swift - hosts: swift_all - gather_facts: false - user: root - roles: - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - environment: "{{ deployment_environment_variables | default({}) }}" +- name: Importing swift playbook + import_playbook: openstack.osa.swift diff --git a/playbooks/os-swift-sync.yml b/playbooks/os-swift-sync.yml index cd20a767b7..88fb6a7fd3 100644 --- a/playbooks/os-swift-sync.yml +++ b/playbooks/os-swift-sync.yml @@ -15,23 +15,5 @@ # Playbook will sync the swift ring and ssh keys # The services need to be installed first though. -- name: Synchronisation of swift ring and ssh keys - hosts: swift_all:swift_remote_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - user: root - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - roles: - - role: "os_swift" - swift_do_setup: False - swift_do_sync: True - environment: "{{ deployment_environment_variables | default({}) }}" +- name: Importing swift_sync playbook + import_playbook: openstack.osa.swift_sync diff --git a/playbooks/os-tacker-install.yml b/playbooks/os-tacker-install.yml index 693405f762..bd3d558b7d 100644 --- a/playbooks/os-tacker-install.yml +++ b/playbooks/os-tacker-install.yml @@ -13,84 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather tacker facts - hosts: tacker_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: tacker_server - service_variable: "tacker_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install the tacker components - hosts: tacker_all - gather_facts: false - serial: "{{ tacker_serial | default(['1','100%']) }}" - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: tacker-back - haproxy_state: disabled - when: - - "'tacker_all' in group_names" - - "groups['tacker_all'] | length > 1" - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - roles: - - role: "os_tacker" - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: tacker-back - haproxy_state: enabled - when: - - "'tacker_all' in group_names" - - "groups['tacker_all'] | length > 1" +- name: Importing tacker playbook + import_playbook: openstack.osa.tacker diff --git a/playbooks/os-tempest-install.yml b/playbooks/os-tempest-install.yml index 41ab12d6b9..0df9d6a30b 100644 --- a/playbooks/os-tempest-install.yml +++ b/playbooks/os-tempest-install.yml @@ -13,42 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather tempest facts - hosts: utility_all[0] - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Installation and setup of Tempest - hosts: utility_all[0] - gather_facts: false - user: root - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - - name: End playbook - meta: end_play - when: - - (not (tempest_install | default(false)) | bool) - - roles: - - role: "os_tempest" - - role: "openstack.osa.system_crontab_coordination" - tags: - - crontab - - environment: "{{ deployment_environment_variables | default({}) }}" +- name: Importing tempest playbook + import_playbook: openstack.osa.tempest diff --git a/playbooks/os-trove-install.yml b/playbooks/os-trove-install.yml index 409a457d8d..bd278d4fd7 100644 --- a/playbooks/os-trove-install.yml +++ b/playbooks/os-trove-install.yml @@ -16,93 +16,5 @@ # (c) 2016 Donovan Francesco # (c) 2016 Paul Stevens -- name: Gather trove facts - hosts: trove_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: trove_api - service_variable: "trove_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install trove server - hosts: trove_all - gather_facts: false - serial: "{{ trove_serial | default(['1','100%']) }}" - user: root - environment: "{{ deployment_environment_variables | default({}) }}" - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - apply: - tags: - - always - tags: - - always - - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: trove-back - haproxy_state: disabled - when: - - "'trove_api' in group_names" - - "groups['trove_api'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - roles: - - role: "os_trove" - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: trove-back - haproxy_state: enabled - when: - - "'trove_api' in group_names" - - "groups['trove_api'] | length > 1" - tags: - - always +- name: Importing trove playbook + import_playbook: openstack.osa.trove diff --git a/playbooks/os-zun-install.yml b/playbooks/os-zun-install.yml index 2cf6c05b72..b270f9ad01 100644 --- a/playbooks/os-zun-install.yml +++ b/playbooks/os-zun-install.yml @@ -13,107 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Gather zun facts - hosts: zun_all - gather_facts: "{{ osa_gather_facts | default(True) }}" - tasks: - - name: Gather additional facts - include_role: - name: openstack.osa.gather_extra_facts - when: osa_gather_facts | default(True) - tags: - - always - -- name: Install etcd cluster - hosts: zun_api - gather_facts: false - serial: "{{ etcd_serial | default('100%') }}" - roles: - - role: "etcd" - vars: - etcd_cluster_group: "zun_api" - etcd_install_type: server - etcd_version: 3.3.27 - etcd_download_checksum: - x86_64: 'sha256:f9058f93e2f40343fd0bbbfce39ddb8a7afd8b03be020b7decc040d897065ded' - aarch64: 'sha256:7230b769efef5ac60a856d755776076597da5082d7a5904ee33995f921df8d8d' - tags: - - zun-install - - etcd-server - -- name: Configure haproxy services - import_playbook: openstack.osa.haproxy_service_config - vars: - service_group: zun_api - service_variable: "zun_haproxy_services" - when: - - groups[service_group] | length > 0 - - groups['haproxy'] | length > 0 - tags: - - haproxy-service-config - -- name: Install the zun components - hosts: zun_all - gather_facts: false - serial: "{{ zun_serial | default(['1','100%']) }}" - user: root - pre_tasks: - - name: Setup installation variables - include_role: - name: openstack.osa.install_defaults - defaults_from: "{{ install_method }}" - public: true - - # In order to ensure that any container, software or - # config file changes which causes a container/service - # restart do not cause an unexpected outage, we drain - # the load balancer back end for this container. - - name: Disabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: zun_api-back - haproxy_state: disabled - when: - - "'zun_api' in group_names" - - "groups['zun_api'] | length > 1" - tags: - - always - - - name: Including container-setup tasks - include_role: - name: "openstack.osa.{{ container_tech | default('lxc') }}_container_setup" - when: not is_metal - - - name: Including unbound-clients tasks - include_role: - name: openstack.osa.unbound_clients - when: - - hostvars['localhost']['resolvconf_enabled'] | bool - - roles: - - role: "os_zun" - - post_tasks: - # Now that container changes are done, we can set - # the load balancer back end for this container - # to available again. - - name: Enabling haproxy backends - include_role: - name: openstack.osa.haproxy_endpoint_manage - apply: - tags: - - always - vars: - haproxy_backend: zun_api-back - haproxy_state: enabled - when: - - "'zun_api' in group_names" - - "groups['zun_api'] | length > 1" - tags: - - always - - environment: "{{ deployment_environment_variables | default({}) }}" +- name: Importing zun playbook + import_playbook: openstack.osa.zun diff --git a/playbooks/setup-openstack.yml b/playbooks/setup-openstack.yml index 02ae0a03a8..9c12e88913 100644 --- a/playbooks/setup-openstack.yml +++ b/playbooks/setup-openstack.yml @@ -13,100 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Importing pre hook playbook - import_playbook: "{{ pre_setup_openstack_hook | default('hook-dummy.yml') }}" - -- name: Importing os-keystone-install playbook - import_playbook: os-keystone-install.yml - -- name: Importing os-barbican-install playbook - import_playbook: os-barbican-install.yml - -- name: Importing os-placement-install playbook - import_playbook: os-placement-install.yml - -- name: Importing os-glance-install playbook - import_playbook: os-glance-install.yml - -- name: Importing os-cinder-install playbook - import_playbook: os-cinder-install.yml - -- name: Importing os-nova-install playbook - import_playbook: os-nova-install.yml - -- name: Importing os-neutron-install playbook - import_playbook: os-neutron-install.yml - -- name: Importing os-heat-install playbook - import_playbook: os-heat-install.yml - -- name: Importing os-horizon-install playbook - import_playbook: os-horizon-install.yml - -- name: Importing os-designate-install playbook - import_playbook: os-designate-install.yml - -- name: Importing os-swift-install playbook - import_playbook: os-swift-install.yml - -- name: Importing os-adjutant-install playbook - import_playbook: os-adjutant-install.yml - -- name: Importing os-gnocchi-install playbook - import_playbook: os-gnocchi-install.yml - -- name: Importing os-ceilometer-install playbook - import_playbook: os-ceilometer-install.yml - -- name: Importing os-aodh-install playbook - import_playbook: os-aodh-install.yml - -- name: Importing os-cloudkitty-install playbook - import_playbook: os-cloudkitty-install.yml - -- name: Importing os-ironic-install playbook - import_playbook: os-ironic-install.yml - -- name: Importing os-magnum-install playbook - import_playbook: os-magnum-install.yml - -- name: Importing os-trove-install playbook - import_playbook: os-trove-install.yml - -- name: Importing os-octavia-install playbook - import_playbook: os-octavia-install.yml - -- name: Importing os-tacker-install playbook - import_playbook: os-tacker-install.yml - -- name: Importing os-blazar-install playbook - import_playbook: os-blazar-install.yml - -- name: Importing os-masakari-install playbook - import_playbook: os-masakari-install.yml - -- name: Importing os-manila-install playbook - import_playbook: os-manila-install.yml - -- name: Importing os-mistral-install playbook - import_playbook: os-mistral-install.yml - -- name: Importing os-zun-install playbook - import_playbook: os-zun-install.yml - -# This is not an OpenStack service, but integrates with Keystone and must be -# deployed afterward. -- name: Importing ceph-rgw-install playbook - import_playbook: ceph-rgw-install.yml - -- name: Importing os-skyline-install playbook - import_playbook: os-skyline-install.yml - -- name: Importing os-tempest-install playbook - import_playbook: os-tempest-install.yml - -- name: Importing os-rally-install playbook - import_playbook: os-rally-install.yml - -- name: Importing post hook playbook - import_playbook: "{{ post_setup_openstack_hook | default('hook-dummy.yml') }}" +- name: Importing setup_openstack playbook + import_playbook: openstack.osa.setup_openstack