diff --git a/.gitignore b/.gitignore index 45d714599..132712d4d 100644 --- a/.gitignore +++ b/.gitignore @@ -37,3 +37,6 @@ doc/build/* # JetBrain .idea/ .cache + +# Custom inventory variable files +tripleo_ansible/inventory/99-standalone-vars diff --git a/scripts/tripleo-standalone-vars b/scripts/tripleo-standalone-vars new file mode 100755 index 000000000..39ba1b2d5 --- /dev/null +++ b/scripts/tripleo-standalone-vars @@ -0,0 +1,384 @@ +#!/usr/bin/python +# Copyright 2022 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +import argparse +import jinja2 +import logging +import os +import sys +import yaml + +# STANDALONE_VARS is a dict with keys of ansible var names, and values of a +# jinja2 template. The jinja2 template can use jinja2 variables as defined from +# TEMPLATE_VARS below. +STANDALONE_VARS = { + 'tripleo_nova_compute_DEFAULT_transport_url': { + 'template': + 'rabbit://' + '{% for node in oslo_messaging_rpc_node_names %}' + '{% if not loop.first %},{% endif %}' + '{{oslo_messaging_rpc_user_name}}:{{oslo_messaging_rpc_password}}' + '@{{node}}:5672' + '{% endfor %}' + '/?ssl={% if oslo_messaging_rpc_use_ssl=="True" %}1' + '{% else %}0{% endif %}', + 'section': 'DEFAULT', + 'option': 'transport_url' + }, + 'tripleo_nova_compute_oslo_messaging_notifications_transport_url': { + 'template': + 'rabbit://' + '{% for node in oslo_messaging_rpc_node_names %}' + '{% if not loop.first %},{% endif %}' + '{{oslo_messaging_rpc_user_name}}:{{oslo_messaging_rpc_password}}' + '@{{node}}:5672' + '{% endfor %}' + '/?ssl={% if oslo_messaging_rpc_use_ssl=="True" %}1' + '{% else %}0{% endif %}', + 'section': 'DEFAULT', + 'option': 'oslo_messaging_notifications_transport_url' + }, + 'tripleo_nova_compute_cache_memcache_servers': { + 'template': + '{% for node in memcached_node_names %}' + '{% if not loop.first %},{% endif %}' + '{{ node }}:{{ memcached_port }}' + '{% endfor %}', + 'section': 'cache', + 'option': 'memcache_servers' + }, + 'tripleo_nova_compute_cinder_auth_url': { + 'template': '{{ nova_cinder_auth_url }}', + 'section': 'cinder', + 'option': 'auth_url' + }, + 'tripleo_nova_compute_cinder_password': { + 'template': '{{ nova_cinder_password }}', + 'section': 'cinder', + 'option': 'password' + }, + 'tripleo_nova_compute_neutron_auth_url': { + 'template': '{{ nova_neutron_auth_url }}', + 'section': 'neutron', + 'option': 'auth_url' + }, + 'tripleo_nova_compute_neutron_password': { + 'template': '{{ nova_neutron_password }}', + 'section': 'neutron', + 'option': 'password' + }, + 'ctlplane_dns_nameservers': { + 'template': '{{ ctlplane_dns_nameservers }}', + }, + 'dns_search_domains': { + 'template': '{{ dns_search_domains }}', + }, + 'tripleo_nova_compute_vnc_novncproxy_base_url': { + 'template': + '{{ vncproxy_protocol }}://{{ vncproxy_host }}:{{ vncproxy_port }}', + 'section': 'vnc', + 'option': 'novncproxy_base_url' + }, + 'tripleo_nova_compute_service_user_username': { + 'template': 'nova', + }, + 'tripleo_nova_compute_service_user_password': { + 'template': '{{ service_user_password }}', + 'section': 'service_user', + 'option': 'password' + }, + 'tripleo_nova_compute_service_user_auth_url': { + 'template': '{{ service_user_auth_url }}', + 'section': 'service_user', + 'option': 'auth_url' + }, + 'tripleo_nova_compute_service_user_auth_type': { + 'template': 'password', + 'section': 'service_user', + 'option': 'auth_type' + }, + 'tripleo_nova_compute_service_user_project_name': { + 'template': '{{ service_user_project_name }}', + 'section': 'service_user', + 'option': 'project_name' + }, + 'tripleo_nova_compute_service_user_project_domain_name': { + 'template': 'Default', + 'section': 'service_user', + 'option': 'project_domain_name' + }, + 'tripleo_nova_compute_service_user_user_domain_name': { + 'template': 'Default', + 'section': 'service_user', + 'option': 'user_domain_name' + }, + 'tripleo_nova_compute_service_user_region_name': { + 'template': '{{ service_user_region_name }}', + 'section': 'service_user', + 'option': 'region_name' + }, + 'tripleo_nova_compute_service_user_send_service_user_token': { + 'template': '{{ service_user_send_service_user_token }}', + 'section': 'service_user', + 'option': 'send_service_user_token' + }, + + 'tripleo_nova_compute_placement_username': { + 'template': 'placement', + 'section': 'placement', + 'option': 'username' + }, + 'tripleo_nova_compute_placement_password': { + 'template': '{{ placement_password }}', + 'section': 'placement', + 'option': 'password' + }, + 'tripleo_nova_compute_placement_auth_url': { + 'template': '{{ placement_auth_url }}', + 'section': 'placement', + 'option': 'auth_url' + }, + 'tripleo_nova_compute_placement_auth_type': { + 'template': 'password', + 'section': 'placement', + 'option': 'auth_type' + }, + 'tripleo_nova_compute_placement_project_name': { + 'template': '{{ placement_project_name }}', + 'section': 'placement', + 'option': 'project_name' + }, + 'tripleo_nova_compute_placement_project_domain_name': { + 'template': 'Default', + 'section': 'placement', + 'option': 'project_domain_name' + }, + 'tripleo_nova_compute_placement_user_domain_name': { + 'template': 'Default', + 'section': 'placement', + 'option': 'user_domain_name' + }, + 'tripleo_nova_compute_placement_region_name': { + 'template': '{{ placement_region_name }}', + 'section': 'placement', + 'option': 'region_name' + }, + 'tripleo_nova_compute_placement_valid_interfaces': { + 'template': '{{ placement_valid_interfaces }}', + 'section': 'placement', + 'option': 'valid_interfaces' + }, + 'tripleo_ovn_dbs': { + 'template': '{{ ovn_dbs }}', + }, +} + +# TEMPLATE_VARS is a dict with keys jinja2 variables names that will be passed +# when the templates from STANDALONE_VARS are rendered. The values are a dict +# of a file name and YAML key to look up from the config-download directory. +# The file names use string formatting with replacement fields (role). +TEMPLATE_VARS = { + 'oslo_messaging_rpc_user_name': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.oslo_messaging_rpc_user_name' + }, + 'oslo_messaging_rpc_password': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.oslo_messaging_rpc_password' + }, + 'oslo_messaging_rpc_use_ssl': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.oslo_messaging_rpc_use_ssl' + }, + 'oslo_messaging_rpc_node_names': { + 'file': 'group_vars/overcloud.json', + 'key': 'oslo_messaging_rpc_node_names' + }, + 'memcached_port': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.memcached_port' + }, + 'memcached_node_names': { + 'file': 'group_vars/overcloud.json', + 'key': 'memcached_node_names' + }, + 'nova_cinder_auth_url': { + 'file': 'group_vars/{role}', + # nova-compute which sets nova::cinder::auth_url may not be deployed + # if the deployment is a standalone ctlplane, but the auth_url for + # neutron is the same value. + 'key': 'service_configs.nova::network::neutron::auth_url' + }, + 'nova_cinder_password': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.cinder::db::mysql::password' + }, + 'nova_neutron_auth_url': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::network::neutron::auth_url' + }, + 'nova_neutron_password': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::network::neutron::password' + }, + 'ctlplane_dns_nameservers': { + 'file': 'group_vars/{role}', + 'key': 'ctlplane_dns_nameservers' + }, + 'dns_search_domains': { + 'file': 'group_vars/{role}', + 'key': 'dns_search_domains' + }, + 'vncproxy_protocol': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::vncproxy::common::vncproxy_protocol' + }, + 'vncproxy_host': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::vncproxy::common::vncproxy_host' + }, + 'vncproxy_port': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::vncproxy::common::vncproxy_port' + }, + + 'service_user_password': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::keystone::service_user::password' + }, + 'service_user_auth_url': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::keystone::service_user::auth_url' + }, + 'service_user_project_name': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::keystone::service_user::project_name' + }, + 'service_user_region_name': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::keystone::service_user::region_name' + }, + 'service_user_send_service_user_token': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::keystone::service_user::send_service_user_token' + }, + + 'placement_password': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::placement::password' + }, + 'placement_auth_url': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::placement::auth_url' + }, + 'placement_project_name': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::placement::project_name' + }, + 'placement_region_name': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::placement::region_name' + }, + 'placement_valid_interfaces': { + 'file': 'group_vars/{role}', + 'key': 'service_configs.nova::placement::valid_interfaces' + }, + 'ovn_dbs': { + 'file': 'group_vars/overcloud.json', + 'key': 'ovn_dbs_node_ips' + }, +} + + +def parse_args(): + parser = argparse.ArgumentParser( + description=("tripleo-standalone-vars"), + formatter_class=argparse.ArgumentDefaultsHelpFormatter) + parser.add_argument( + '--config-download-dir', '-c', + action='store', + default='~/overcloud-deploy/overcloud/config-download/overcloud', + help=('The config-download directory for the deployment used as ' + 'the source of the generated ansible variables.')) + parser.add_argument('--output-file', '-o', + default='99-standalone-vars', + help=("Output file containing the generated ansible " + "vars.")) + parser.add_argument('--role', '-r', + default='Controller', + help="Primary role name from the source deployment.") + parser.add_argument('--force', '-f', + action='store_true', + help="Force overwriting the output file if it exists.") + + args = parser.parse_args(sys.argv[1:]) + return args + + +def main(): + + logging.basicConfig() + log = logging.getLogger() + log.setLevel(logging.INFO) + + args = parse_args() + + if os.path.exists(args.output_file) and not args.force: + print("Output file {} exists. Won't continue without --force, or " + "delete the file first.".format(args.output_file)) + sys.exit(1) + + tmpl_vars = {} + standalone_vars = {} + nova_config = {} + standalone_vars['tripleo_nova_compute_config_overrides'] = nova_config + file_cache = {} + format_dict = dict(role=args.role) + + for t_var, t_dict in TEMPLATE_VARS.items(): + # Load the file if not already in file_cache + log.info('Looking up {}'.format(t_var)) + file_path = os.path.join( + args.config_download_dir, + t_dict['file']).format(**format_dict) + if file_path not in file_cache: + with open(file_path) as f: + log.info('Caching {}'.format(file_path)) + file_cache[file_path] = yaml.safe_load(f.read()) + + keys = t_dict['key'].split('.') + val = file_cache[file_path][keys[0]] + for k in keys[1:]: + val = val[k] + tmpl_vars[t_var] = val + + for s_var, s_tmpl in STANDALONE_VARS.items(): + log.info("Loading template for {}".format(s_var)) + jinja_tmpl = jinja2.Environment().from_string(s_tmpl['template']) + log.info("Rendering {}".format(s_var)) + s_val = jinja_tmpl.render(**tmpl_vars) + standalone_vars[s_var] = s_val + if 'section' in s_tmpl: + section_config = nova_config.setdefault(s_tmpl['section'], {}) + section_config[s_tmpl['option']] = s_val + + config_dict = {'Compute': {'vars': standalone_vars}} + with open(args.output_file, 'w') as f: + f.write(yaml.safe_dump(config_dict, default_flow_style=False, width=10000)) + + +if __name__ == '__main__': + main() diff --git a/setup.cfg b/setup.cfg index a5b62e66a..3992bb739 100644 --- a/setup.cfg +++ b/setup.cfg @@ -21,6 +21,7 @@ setup-hooks = [files] data_files = + share/ansible/tripleo-inventory/ = tripleo_ansible/inventory/* share/ansible/tripleo-playbooks/ = tripleo_ansible/playbooks/* share/ansible/plugins/ = tripleo_ansible/ansible_plugins/* share/ansible/roles/ = tripleo_ansible/roles/* diff --git a/tripleo_ansible/inventory/01-site b/tripleo_ansible/inventory/01-site new file mode 100644 index 000000000..e2bf1600b --- /dev/null +++ b/tripleo_ansible/inventory/01-site @@ -0,0 +1,11 @@ +# allovercloud group is needed by tripleo_ssh_known_hosts +[allovercloud:children] +overcloud + +# primary_role_name used by some plays to target the primary role first +[primary_role_name:children] + +[overcloud:children] +Compute + +[Compute] diff --git a/tripleo_ansible/inventory/02-computes b/tripleo_ansible/inventory/02-computes new file mode 100644 index 000000000..78fe3c12f --- /dev/null +++ b/tripleo_ansible/inventory/02-computes @@ -0,0 +1,26 @@ +Compute: + hosts: + # Add additional computes here, and optionally drop localhost. + # Add host vars under the host_vars dir. + localhost: + vars: + service_net_map: + nova_api_network: internal_api + nova_libvirt_network: internal_api + + # tripleo_network_config + # Default nic config template for a TripleO compute node + # These vars are tripleo_network_config role vars + tripleo_network_config_template: templates/net_config_static_bridge.j2 + tripleo_network_config_hide_sensitive_logs: false + # + # These vars are for the network config templates themselves and are + # considered TripleO network defaults. + neutron_physical_bridge_name: br-ex + neutron_public_interface_name: eth1 + ctlplane_subnet_cidr: 24 + ctlplane_gateway_ip: 192.168.24.1 + + # tripleo_nodes_validation + tripleo_nodes_validation_validate_controllers_icmp: false + tripleo_nodes_validation_validate_gateway_icmp: false diff --git a/tripleo_ansible/inventory/03-tripleo b/tripleo_ansible/inventory/03-tripleo new file mode 100644 index 000000000..bb78c8e71 --- /dev/null +++ b/tripleo_ansible/inventory/03-tripleo @@ -0,0 +1,3 @@ +overcloud: + vars: + tripleo_ovn_controller_image: quay.io/tripleomastercentos9/openstack-ovn-controller:current-tripleo diff --git a/tripleo_ansible/inventory/group_vars/overcloud b/tripleo_ansible/inventory/group_vars/overcloud new file mode 100644 index 000000000..705e778df --- /dev/null +++ b/tripleo_ansible/inventory/group_vars/overcloud @@ -0,0 +1,15 @@ +--- + +gather_facts: false +enable_debug: false + +# SELinux module +tripleo_selinux_mode: enforcing +undercloud_hosts_entries: [] + +# tripleo_hosts_entries role +extra_hosts_entries: [] +vip_hosts_entries: [] +hosts_entries: [] +hosts_entry: [] +plan: overcloud diff --git a/tripleo_ansible/inventory/host_vars/localhost b/tripleo_ansible/inventory/host_vars/localhost new file mode 100644 index 000000000..1ab0f84bd --- /dev/null +++ b/tripleo_ansible/inventory/host_vars/localhost @@ -0,0 +1,7 @@ +--- + +ansible_connection: local +ctlplane_ip: 192.168.24.100 +internal_api_ip: 192.168.24.2 +tenant_ip: 192.168.24.2 +fqdn_internal_api: '{{ ansible_fqdn }}' diff --git a/tripleo_ansible/playbooks/deploy-overcloud-compute.yml b/tripleo_ansible/playbooks/deploy-overcloud-compute.yml new file mode 100644 index 000000000..70fd539ba --- /dev/null +++ b/tripleo_ansible/playbooks/deploy-overcloud-compute.yml @@ -0,0 +1,49 @@ +--- +# Copyright 2022 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Deploy TripleO facts playbook + ansible.builtin.import_playbook: deploy-tripleo-facts.yml + +- name: Deploy TripleO SELinux playbook + ansible.builtin.import_playbook: deploy-tripleo-selinux.yml + +- name: Deploy TripleO pre-network playbook + ansible.builtin.import_playbook: deploy-tripleo-pre-network.yml + +- name: Deploy TripleO network playbook + ansible.builtin.import_playbook: deploy-tripleo-network-configure.yml + +- name: Deploy TripleO network validation playbook + ansible.builtin.import_playbook: deploy-tripleo-network-validate.yml + +- name: Deploy TripleO install operating system playbook + ansible.builtin.import_playbook: deploy-tripleo-os-install.yml + +- name: Deploy TripleO configure operating system playbook + ansible.builtin.import_playbook: deploy-tripleo-os-configure.yml + +- name: Deploy TripleO run operating system playbook + ansible.builtin.import_playbook: deploy-tripleo-os-run.yml + +- name: Deploy TripleO install OpenStack playbook + ansible.builtin.import_playbook: deploy-tripleo-openstack-install.yml + +- name: Deploy TripleO configure OpenStack playbook + ansible.builtin.import_playbook: deploy-tripleo-openstack-configure.yml + +- name: Deploy TripleO run OpenStack playbook + ansible.builtin.import_playbook: deploy-tripleo-openstack-run.yml diff --git a/tripleo_ansible/playbooks/deploy-tripleo-facts.yml b/tripleo_ansible/playbooks/deploy-tripleo-facts.yml new file mode 100644 index 000000000..94fcc7dec --- /dev/null +++ b/tripleo_ansible/playbooks/deploy-tripleo-facts.yml @@ -0,0 +1,40 @@ +--- +# Copyright 2022 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- hosts: all + name: Clear cached facts + # We don't want to gather facts, just clear them + gather_facts: false + tasks: + - ansible.builtin.meta: clear_facts + tags: + - facts + +- hosts: "{{ deploy_source_host | default([]) }}:{{ deploy_target_host | default('overcloud') }}" + name: Gather facts + strategy: tripleo_free + gather_facts: true + tasks: + - name: Set legacy facts + ansible.builtin.set_fact: + ansible_distribution: "{{ ansible_facts['distribution'] }}" + ansible_distribution_major_version: "{{ ansible_facts['distribution_major_version'] }}" + ansible_distribution_release: "{{ ansible_facts['distribution_release'] }}" + ansible_distribution_version: "{{ ansible_facts['distribution_version'] }}" + ansible_os_family: "{{ ansible_facts['os_family'] }}" + tags: + - facts diff --git a/tripleo_ansible/playbooks/deploy-tripleo-network-configure.yml b/tripleo_ansible/playbooks/deploy-tripleo-network-configure.yml new file mode 100644 index 000000000..ef41039fc --- /dev/null +++ b/tripleo_ansible/playbooks/deploy-tripleo-network-configure.yml @@ -0,0 +1,30 @@ +--- +# Copyright 2022 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- hosts: "{{ primary_role_name | default([]) }}:{{ deploy_target_host | default('overcloud') }}" + strategy: tripleo_free + name: Deploy TripleO Network + gather_facts: "{{ gather_facts | default(false) }}" + any_errors_fatal: true + tasks: + - name: Run Network Config + import_role: + name: tripleo_network_config + vars: + tripleo_network_config_with_ansible: true + tags: + - tripleo_network_config diff --git a/tripleo_ansible/playbooks/deploy-tripleo-network-validate.yml b/tripleo_ansible/playbooks/deploy-tripleo-network-validate.yml new file mode 100644 index 000000000..362cd4ece --- /dev/null +++ b/tripleo_ansible/playbooks/deploy-tripleo-network-validate.yml @@ -0,0 +1,28 @@ +--- +# Copyright 2022 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- hosts: "{{ primary_role_name | default([]) }}:{{ deploy_target_host | default('overcloud') }}" + strategy: tripleo_free + name: Server Network Validation + gather_facts: "{{ gather_facts | default(false) }}" + any_errors_fatal: true + tasks: + - name: Basic Network Validation + import_role: + name: tripleo_nodes_validation + tags: + - tripleo_nodes_validation diff --git a/tripleo_ansible/playbooks/deploy-tripleo-openstack-configure.yml b/tripleo_ansible/playbooks/deploy-tripleo-openstack-configure.yml new file mode 100644 index 000000000..7b7f50b68 --- /dev/null +++ b/tripleo_ansible/playbooks/deploy-tripleo-openstack-configure.yml @@ -0,0 +1,52 @@ +--- +# Copyright 2022 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- hosts: "{{ deploy_target_host | default('overcloud') }}" + name: Deploy TripleO OpenStack Configure + strategy: tripleo_free + gather_facts: "{{ gather_facts | default(false) }}" + any_errors_fatal: true + tasks: + - name: Configure tripleo_ssh_known_hosts + import_role: + name: tripleo_ssh_known_hosts + tags: + - tripleo_ssh_known_hosts + - name: Configure tripleo_logrotate_crond + import_role: + name: tripleo_logrotate_crond + tasks_from: configure.yml + tags: + - tripleo_logrotate_crond + - name: Configure tripleo_iscsid + import_role: + name: tripleo_iscsid + tasks_from: configure.yml + tags: + - tripleo_iscsid + - name: Configure tripleo_nova_libvirt + import_role: + name: tripleo_nova_libvirt + tasks_from: configure.yml + tags: + - tripleo_nova_libvirt + - name: Configure tripleo_nova_compute + import_role: + name: tripleo_nova_compute + tasks_from: configure.yml + tags: + - tripleo_nova_compute diff --git a/tripleo_ansible/playbooks/deploy-tripleo-openstack-install.yml b/tripleo_ansible/playbooks/deploy-tripleo-openstack-install.yml new file mode 100644 index 000000000..731180383 --- /dev/null +++ b/tripleo_ansible/playbooks/deploy-tripleo-openstack-install.yml @@ -0,0 +1,47 @@ +--- +# Copyright 2022 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- hosts: "{{ deploy_target_host | default('overcloud') }}" + name: Deploy TripleO OpenStack Install + strategy: tripleo_free + gather_facts: "{{ gather_facts | default(false) }}" + any_errors_fatal: true + tasks: + - name: Install tripleo_logrotate_crond + import_role: + name: tripleo_logrotate_crond + tasks_from: install.yml + tags: + - tripleo_logrotate_crond + - name: Install tripleo_iscsid + import_role: + name: tripleo_iscsid + tasks_from: install.yml + tags: + - tripleo_iscsid + - name: Install tripleo_nova-libvirt + import_role: + name: tripleo_nova_libvirt + tasks_from: install.yml + tags: + - tripleo_nova_libvirt + - name: Install tripleo_nova_compute + import_role: + name: tripleo_nova_compute + tasks_from: install.yml + tags: + - tripleo_nova_compute diff --git a/tripleo_ansible/playbooks/deploy-tripleo-openstack-run.yml b/tripleo_ansible/playbooks/deploy-tripleo-openstack-run.yml new file mode 100644 index 000000000..c377a3ebf --- /dev/null +++ b/tripleo_ansible/playbooks/deploy-tripleo-openstack-run.yml @@ -0,0 +1,47 @@ +--- +# Copyright 2022 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- hosts: "{{ deploy_target_host | default('overcloud') }}" + name: Deploy TripleO OpenStack Run + strategy: tripleo_free + gather_facts: "{{ gather_facts | default(false) }}" + any_errors_fatal: true + tasks: + - name: Run tripleo_logrotate_crond + import_role: + name: tripleo_logrotate_crond + tasks_from: run.yml + tags: + - tripleo_logrotate_crond + - name: Run tripleo_iscsid + import_role: + name: tripleo_iscsid + tasks_from: run.yml + tags: + - tripleo_iscsid + - name: Run tripleo_nova_libvirt + import_role: + name: tripleo_nova_libvirt + tasks_from: run.yml + tags: + - tripleo_nova_libvirt + - name: Run tripleo_nova_compute + import_role: + name: tripleo_nova_compute + tasks_from: run.yml + tags: + - tripleo_nova_compute diff --git a/tripleo_ansible/playbooks/deploy-tripleo-os-configure.yml b/tripleo_ansible/playbooks/deploy-tripleo-os-configure.yml new file mode 100644 index 000000000..49c3843ec --- /dev/null +++ b/tripleo_ansible/playbooks/deploy-tripleo-os-configure.yml @@ -0,0 +1,60 @@ +--- +# Copyright 2022 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- hosts: "{{ primary_role_name | default([]) }}:{{ deploy_target_host | default('overcloud') }}" + name: Deploy TripleO Operating System Configure + strategy: tripleo_free + gather_facts: "{{ gather_facts | default(false) }}" + any_errors_fatal: true + become: true + tasks: + - name: Configure tripleo_podman + import_role: + name: tripleo_podman + tasks_from: tripleo_podman_configure.yml + tags: + - tripleo_podman + - name: Manage tripleo container services + import_role: + name: tripleo_container_manage + tasks_from: shutdown.yml + tags: + - tripleo_container_manage + - name: Configure tripleo_sshd + import_role: + name: tripleo_sshd + tasks_from: configure.yml + tags: + - tripleo_sshd + - name: Configure chrony + import_role: + name: chrony + tasks_from: config.yml + tags: + - chrony + - name: Configure tripleo_timezone + import_role: + name: tripleo_timezone + tasks_from: configure.yml + tags: + - tripleo_timezone + - name: Configure tripleo_ovn + import_role: + name: tripleo_ovn + tasks_from: configure.yml + tags: + - tripleo_ovn diff --git a/tripleo_ansible/playbooks/deploy-tripleo-os-install.yml b/tripleo_ansible/playbooks/deploy-tripleo-os-install.yml new file mode 100644 index 000000000..ea7816161 --- /dev/null +++ b/tripleo_ansible/playbooks/deploy-tripleo-os-install.yml @@ -0,0 +1,93 @@ +--- +# Copyright 2022 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- hosts: "{{ primary_role_name | default([]) }}:{{ deploy_target_host | default('overcloud') }}" + strategy: tripleo_free + gather_facts: "{{ gather_facts | default(false) }}" + any_errors_fatal: true + become: true + tasks: + - name: Ensure /var/log/journal exists + become: true + file: + path: /var/log/journal + state: directory + mode: 0750 + owner: root + group: root + setype: var_log_t + - name: Check cloud-init status + shell: systemctl is-active cloud-init.service || systemctl is-enabled cloud-init.service + failed_when: false + become: true + register: cloud_init_enabled + - debug: + var: cloud_init_enabled + - name: Check if cloud-init is disabled via kernel args + shell: cat /proc/cmdline | grep -q cloud-init=disabled + failed_when: false + check_mode: false + register: cloud_init_vendor_disabled + - name: Wait for cloud-init to finish, if enabled + community.general.cloud_init_data_facts: + filter: status + register: res + until: > + res.cloud_init_data_facts.status.v1.stage is defined and + not res.cloud_init_data_facts.status.v1.stage + retries: 50 + delay: 5 + when: + - not ansible_check_mode + - cloud_init_enabled.rc is defined + - cloud_init_enabled.rc == 0 + - cloud_init_vendor_disabled.rc is not defined or cloud_init_vendor_disabled.rc != 0 + - name: Install tripleo_bootstrap + import_role: + name: tripleo_bootstrap + tasks_from: bootstrap.yml + tags: + - tripleo_bootstrap + - name: Install tripleo_kernel + import_role: + name: tripleo_kernel + tags: + - tripleo_kernel + - name: Install tripleo_podman + import_role: + name: tripleo_podman + tasks_from: tripleo_podman_install.yml + tags: + - tripleo_podman + - name: Install tripleo_sshd + import_role: + name: tripleo_sshd + tasks_from: install.yml + tags: + - tripleo_sshd + - name: Install chrony + import_role: + name: chrony + tasks_from: install.yml + tags: + - chrony + - name: Install tripleo_ovn + import_role: + name: tripleo_ovn + tasks_from: install.yml + tags: + - tripleo_ovn diff --git a/tripleo_ansible/playbooks/deploy-tripleo-os-run.yml b/tripleo_ansible/playbooks/deploy-tripleo-os-run.yml new file mode 100644 index 000000000..258bf543a --- /dev/null +++ b/tripleo_ansible/playbooks/deploy-tripleo-os-run.yml @@ -0,0 +1,60 @@ +--- +# Copyright 2022 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- hosts: "{{ primary_role_name | default([]) }}:{{ deploy_target_host | default('overcloud') }}" + name: Deploy TripleO Operating System Run + strategy: tripleo_free + gather_facts: "{{ gather_facts | default(false) }}" + any_errors_fatal: true + become: true + tasks: + - name: Run tripleo_sshd + import_role: + name: tripleo_sshd + tasks_from: run.yml + tags: + - tripleo_sshd + - name: Run chrony + import_role: + name: chrony + tasks_from: run.yml + tags: + - chrony + - name: Run chrony (online) + import_role: + name: chrony + tasks_from: online.yml + tags: + - chrony + - name: Run chrony (sync) + import_role: + name: chrony + tasks_from: sync.yml + tags: + - chrony + - name: Run tripleo_timezone + import_role: + name: tripleo_timezone + tasks_from: run.yml + tags: + - tripleo_timezone + - name: Run tripleo_ovn + import_role: + name: tripleo_ovn + tasks_from: run.yml + tags: + - tripleo_ovn diff --git a/tripleo_ansible/playbooks/deploy-tripleo-pre-network.yml b/tripleo_ansible/playbooks/deploy-tripleo-pre-network.yml new file mode 100644 index 000000000..c38ff02c9 --- /dev/null +++ b/tripleo_ansible/playbooks/deploy-tripleo-pre-network.yml @@ -0,0 +1,23 @@ +--- +# Copyright 2022 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- hosts: "{{ primary_role_name | default([]) }}:{{ deploy_target_host | default('overcloud') }}" + strategy: tripleo_free + name: Deploy TripleO Pre Network + gather_facts: "{{ gather_facts | default(false) }}" + any_errors_fatal: true + tasks: [] diff --git a/tripleo_ansible/playbooks/deploy-tripleo-selinux.yml b/tripleo_ansible/playbooks/deploy-tripleo-selinux.yml new file mode 100644 index 000000000..f64b5149d --- /dev/null +++ b/tripleo_ansible/playbooks/deploy-tripleo-selinux.yml @@ -0,0 +1,44 @@ +--- +# Copyright 2022 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- hosts: "{{ deploy_target_host | default('overcloud') }}" + strategy: tripleo_linear + name: Manage SELinux + gather_facts: "{{ gather_facts | default(false) }}" + any_errors_fatal: true + tasks: + - name: Set selinux state + become: true + selinux: + policy: targeted + state: "{{ tripleo_selinux_mode }}" + +- hosts: all + strategy: tripleo_linear + name: Generate /etc/hosts + gather_facts: "{{ gather_facts | default(false) }}" + any_errors_fatal: true + tasks: + - name: Configure Hosts Entries + import_role: + name: tripleo_hosts_entries + vars: + tripleo_hosts_entries_undercloud_hosts_entries: "{{ undercloud_hosts_entries }}" + tripleo_hosts_entries_extra_hosts_entries: "{{ extra_hosts_entries }}" + tripleo_hosts_entries_vip_hosts_entries: "{{ vip_hosts_entries }}" + tags: + - tripleo_hosts_entries