support flat network and availiability zone and certs

This patch fixes the following issues: 1. When OS only support flat network, no tenant network is involved. private_v4 should be used for remote access 2. Added availability zone in addition to region so that script can also work for the cloud with multiple regions and zones. 3. Added validate_certs so that when self signed certificates used by a cloud, the script can also work. Change-Id: I13f789f72eae75a0274ecf38545cb026e14e7e81 Co-Authored-By: Rohit Agarwalla <roagarwa@cisco.com>
2016-09-29 00:12:38 -04:00 · 2016-09-29 00:12:38 -04:00 · 20f37e0e5f
parent 4bd9be28c7
commit 20f37e0e5f
21 changed files with 179 additions and 16 deletions
--- a/ansible/dockerswarm/README.md
+++ b/ansible/dockerswarm/README.md
@ -59,12 +59,14 @@ example::

    app_env: {
      image_name: "coreos",
-      region_name: "",
      private_net_name: "",
      net_device: "eth0",
      flavor_name: "m1.small",
      swarm_version: "latest",
      swarm_size: 3,
+      region_name: "RegionOne",
+      availability_zone: "nova",
+      validate_certs: True,
      fqdn: "swarm.example.com",
      public_key_file: "/home/tong/.ssh/id_rsa.pub"
    }
@ -79,7 +81,8 @@ However, if your cloud supports tenant network and you have more than one
 tenant networks in your account, you will need to specify which tenant network
 to be used, otherwise, the script will error out. To create a large docker
 swarm, change the swarm_size to a large value like 20, the script will create
-a docker swarm with 20 coreos nodes.
+a docker swarm with 20 coreos nodes. You can also specify if you do not want
+to verify server certificate if your server uses self signed certificate.


 ## Run the script
--- a/ansible/dockerswarm/roles/post_apply/tasks/main.yml
+++ b/ansible/dockerswarm/roles/post_apply/tasks/main.yml
@ -4,6 +4,14 @@
      export DOCKER_HOST=tcp://{{ hostvars.swarmnode1.swarmnode.openstack.public_v4 }}:2375;
      export DOCKER_TLS_VERIFY=1;
      export DOCKER_CERT_PATH=/tmp/{{ env }}/keys
+  when: hostvars.swarmnode1.swarmnode.openstack.public_v4 != ""
+
+- debug:
+    msg: >-
+      export DOCKER_HOST=tcp://{{ hostvars.swarmnode1.swarmnode.openstack.private_v4 }}:2375;
+      export DOCKER_TLS_VERIFY=1;
+      export DOCKER_CERT_PATH=/tmp/{{ env }}/keys
+  when: hostvars.swarmnode1.swarmnode.openstack.public_v4 == ""

 - debug:
    msg: >-
--- a/ansible/dockerswarm/roles/post_destroy/tasks/main.yml
+++ b/ansible/dockerswarm/roles/post_destroy/tasks/main.yml
@ -4,6 +4,8 @@
    state: absent
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: dockerswarm_sg
    description: secuirty group for dockerswarm

@ -15,6 +17,8 @@
    state: absent
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: "dockerswarm"

 - debug:
--- a/ansible/dockerswarm/roles/prep_apply/tasks/main.yml
+++ b/ansible/dockerswarm/roles/prep_apply/tasks/main.yml
@ -36,6 +36,8 @@
  os_flavor_facts:
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: "{{ app_env.flavor_name }}"

 - name: Create a key-pair
@ -43,6 +45,8 @@
    state: "present"
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: "dockerswarm"
    public_key_file: "{{ app_env.public_key_file }}"

@ -51,6 +55,8 @@
    state: present
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: dockerswarm_sg
    description: secuirty group for dockerswarm

@ -59,6 +65,8 @@
    state: present
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    security_group: dockerswarm_sg
    protocol: "{{ item.protocol }}"
    direction: "{{ item.dir }}"
--- a/ansible/dockerswarm/roles/prov_apply/tasks/main.yml
+++ b/ansible/dockerswarm/roles/prov_apply/tasks/main.yml
@ -1,6 +1,11 @@
 ---
 - name: Get public IP
  set_fact: node_ip="{{ swarmnode.openstack.public_v4 }}"
+  when: swarmnode.openstack.public_v4 != ""
+
+- name: Get public IP
+  set_fact: node_ip="{{ swarmnode.openstack.private_v4 }}"
+  when: swarmnode.openstack.public_v4 == ""

 - name: Make certificate configuration file
  copy:
--- a/ansible/dockerswarm/roles/prov_destroy/tasks/main.yml
+++ b/ansible/dockerswarm/roles/prov_destroy/tasks/main.yml
@ -4,6 +4,8 @@
    state: "absent"
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: docker-swarm-{{ host_no }}
    key_name: "dockerswarm"
    timeout: 200
--- a/ansible/dockerswarm/roles/vm_apply/tasks/main.yml
+++ b/ansible/dockerswarm/roles/vm_apply/tasks/main.yml
@ -4,6 +4,8 @@
    state: "present"
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: docker-swarm-{{ host_no }}
    image: "{{ app_env.image_name }}"
    key_name: "dockerswarm"
--- a/ansible/dockerswarm/roles/vm_destroy/tasks/main.yml
+++ b/ansible/dockerswarm/roles/vm_destroy/tasks/main.yml
@ -0,0 +1 @@
+---
--- a/ansible/dockerswarm/vars/bluebox.yml
+++ b/ansible/dockerswarm/vars/bluebox.yml
@ -10,12 +10,14 @@ auth: {

 app_env: {
  image_name: "coreos",
-  region_name: "",
  private_net_name: "interopnet",
  net_device: "eth0",
  flavor_name: "m1.small",
  swarm_version: "latest",
  swarm_size: 3,
+  region_name: "",
+  availability_zone: "",
+  validate_certs: True,
  fqdn: "swarm.example.com",
  public_key_file: "/home/tong/.ssh/id_rsa.pub"
 }
--- a/ansible/dockerswarm/vars/leap.yml
+++ b/ansible/dockerswarm/vars/leap.yml
@ -10,13 +10,15 @@ auth: {
 }

 app_env: {
-  image_name: "CoreOS",
-  region_name: "",
+  image_name: "coreos",
  private_net_name: "Bluebox",
  net_device: "eth0",
  flavor_name: "m1.small",
  swarm_version: "latest",
  swarm_size: 3,
+  region_name: "RegionOne",
+  availability_zone: "nova",
+  validate_certs: False,
  fqdn: "swarm.example.com",
  public_key_file: "/home/tong/.ssh/id_rsa.pub"
 }
--- a/ansible/dockerswarm/vars/osic.yml
+++ b/ansible/dockerswarm/vars/osic.yml
@ -11,12 +11,14 @@ auth: {

 app_env: {
  image_name: "coreos",
-  region_name: "",
  private_net_name: "interopnet",
  net_device: "eth0",
  flavor_name: "m1.small",
  swarm_version: "latest",
  swarm_size: 3,
+  region_name: "",
+  availability_zone: "",
+  validate_certs: True,
  fqdn: "swarm.example.com",
  public_key_file: "/home/tong/.ssh/id_rsa.pub"
 }
--- a/ansible/dockerswarm/vars/ovh.yml
+++ b/ansible/dockerswarm/vars/ovh.yml
@ -10,12 +10,14 @@ auth: {

 app_env: {
  image_name: "coreos",
-  region_name: "BHS1",
  private_net_name: "",
  net_device: "eth0",
  flavor_name: "eg-15-ssd",
  swarm_version: "latest",
  swarm_size: 3,
+  region_name: "BHS1",
+  availability_zone: "",
+  validate_certs: True,
  fqdn: "swarm.example.com",
  public_key_file: "/home/tong/.ssh/id_rsa.pub"
 }
--- a/ansible/lampstack/README.md
+++ b/ansible/lampstack/README.md
@ -53,10 +53,13 @@ You may create one such file per cloud for your tests.
    }

    app_env: {
-      image_name: "trusty 1404",
-      private_net_name: "Bluebox",
-      public_net_name: "internet",
-      public_key_file: "/home/ubuntu/.ssh/id_rsa.pub",
+      image_name: "ubuntu-15.04",
+      region_name: "RegionOne",
+      availability_zone: "nova",
+      validate_certs: True,
+      private_net_name: "my_tenant_net",
+      flavor_name: "m1.small",
+      public_key_file: "/home/tong/.ssh/id_rsa.pub",
      stack_size: 4,
      volume_size: 2,
      block_device_name: "/dev/vdb",
@ -66,7 +69,15 @@ You may create one such file per cloud for your tests.


 The values of these variables should be provided by your cloud provider. When
-use keystone 2.0 API, you will not need to setup domain name.
+use keystone 2.0 API, you will not need to setup domain name. You can leave
+region_name empty if you have just one region. You can also leave
+private_net_name empty if your cloud does not support tenant network or you
+only have one tenant network. The private_net_name is only needed when you
+have multiple tenant networks. validate_certs should be normally set to True
+when your cloud uses tls(ssl) and your cloud is not using self signed
+certificate. If your cloud is using self signed certificate, then the
+certificate can not be easily validated by ansible. You can skip it by setting
+the parameter to False.


 ## Provision the LAMP stack
--- a/ansible/lampstack/roles/apply/tasks/main.yml
+++ b/ansible/lampstack/roles/apply/tasks/main.yml
@ -6,6 +6,8 @@
  os_flavor_facts:
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: "{{ app_env.flavor_name }}"

 - name: Create a key-pair
@ -13,6 +15,8 @@
    state: "present"
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: "lampstack"
    public_key_file: "{{ app_env.public_key_file }}"

@ -21,6 +25,8 @@
    state: present
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    size: "{{ app_env.volume_size }}"
    wait: yes
    display_name: db_volume
@ -30,6 +36,8 @@
    state: present
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: lampstack_sg
    description: secuirty group for lampstack

@ -38,6 +46,8 @@
    state: present
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    security_group: lampstack_sg
    protocol: "{{ item.protocol }}"
    direction: "{{ item.dir }}"
@ -58,6 +68,8 @@
    state: "present"
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: database
    image: "{{ app_env.image_name }}"
    key_name: "lampstack"
@ -75,12 +87,21 @@
  add_host:
    name: "{{ database.openstack.public_v4 }}"
    groups: dbservers
+  when: database.openstack.public_v4 != ""
+
+- name: Add database node to the dbservers host group
+  add_host:
+    name: "{{ database.openstack.private_v4 }}"
+    groups: dbservers
+  when: database.openstack.public_v4 == ""

 - name: Create balancer node
  os_server:
    state: "present"
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: balancer
    image: "{{ app_env.image_name }}"
    key_name: "lampstack"
@ -98,12 +119,21 @@
  add_host:
    name: "{{ balancer.openstack.public_v4 }}"
    groups: balancers
+  when: balancer.openstack.public_v4 != ""
+
+- name: Add balancer node to the balancers host group
+  add_host:
+    name: "{{ balancer.openstack.private_v4 }}"
+    groups: balancers
+  when: balancer.openstack.public_v4 == ""

 - name: Create a volume for database to save data
  os_server_volume:
    state: present
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    server: database
    volume: db_volume
    device: "{{ app_env.block_device_name }}"
@ -113,6 +143,8 @@
    state: "present"
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: apache-{{ item }}
    image: "{{ app_env.image_name }}"
    key_name: "lampstack"
@ -131,6 +163,15 @@
  add_host:
    name: "{{ item.openstack.public_v4 }}"
    groups: webservers
+  when: item.openstack.public_v4 != ""
+  with_items: "{{ webserver.results }}"
+  no_log: True
+
+- name: Add web servers to webservers host group
+  add_host:
+    name: "{{ item.openstack.private_v4 }}"
+    groups: webservers
+  when: item.openstack.public_v4 == ""
  with_items: "{{ webserver.results }}"
  no_log: True

@ -138,4 +179,12 @@
  add_host:
    name: "{{ webserver.results[0].openstack.public_v4 }}"
    groups: wps
+  when: webserver.results[0].openstack.public_v4 != ""
+  no_log: True
+
+- name: Add one web servers to wps host group
+  add_host:
+    name: "{{ webserver.results[0].openstack.private_v4 }}"
+    groups: wps
+  when: webserver.results[0].openstack.public_v4 == ""
  no_log: True
--- a/ansible/lampstack/roles/cleaner/tasks/apply.yml
+++ b/ansible/lampstack/roles/cleaner/tasks/apply.yml
@ -2,6 +2,8 @@
 - os_floating_ip:
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    state: absent
    floating_ip_address: "{{ database.openstack.public_v4 }}"
    server: "{{ database.openstack.name }}"
@ -11,6 +13,8 @@
 - os_floating_ip:
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    state: absent
    floating_ip_address: "{{ item.openstack.public_v4 }}"
    server: "{{ item.openstack.name }}"
--- a/ansible/lampstack/roles/destroy/tasks/main.yml
+++ b/ansible/lampstack/roles/destroy/tasks/main.yml
@ -7,6 +7,8 @@
    state: "absent"
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: "lampstack"
    public_key_file: "{{ app_env.public_key_file }}"

@ -15,6 +17,8 @@
    state: "absent"
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: database
    image: "{{ app_env.image_name }}"
    key_name: "lampstack"
@ -28,6 +32,8 @@
    state: "absent"
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: balancer
    image: "{{ app_env.image_name }}"
    key_name: "lampstack"
@ -41,6 +47,8 @@
    state: "absent"
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: apache-{{ item }}
    image: "{{ app_env.image_name }}"
    key_name: "lampstack"
@ -55,6 +63,8 @@
    state: absent
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    name: lampstack_sg
    description: secuirty group for lampstack

@ -63,5 +73,7 @@
    state: absent
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
+    availability_zone: "{{ app_env.availability_zone }}"
+    validate_certs: "{{ app_env.validate_certs }}"
    wait: yes
    display_name: db_volume
--- a/ansible/lampstack/roles/wordpress/tasks/main.yml
+++ b/ansible/lampstack/roles/wordpress/tasks/main.yml
@ -7,6 +7,17 @@
    --admin_user=wpuser
    --admin_password="{{ db_pass }}"
    --admin_email='interop@openstack.org'
+  when: hostvars.cloud.balancer.openstack.public_v4 != ""
+
+- name: Install wordpress
+  shell: >
+    wp core install --path=/var/www/html
+    --url="http://{{ hostvars.cloud.balancer.openstack.private_v4 }}"
+    --title='OpenStack Interop Challenge'
+    --admin_user=wpuser
+    --admin_password="{{ db_pass }}"
+    --admin_email='interop@openstack.org'
+  when: hostvars.cloud.balancer.openstack.public_v4 == ""

 - name: Activate wordpress theme
  shell: >
--- a/ansible/lampstack/site.yml
+++ b/ansible/lampstack/site.yml
@ -62,7 +62,15 @@
          Access wordpress at
          http://{{ hostvars.cloud.balancer.openstack.public_v4 }}.
          wordpress userid is wpuser, password is {{ db_pass }}
-      when: hostvars.cloud.balancer is defined
+      when: hostvars.cloud.balancer is defined and
+            hostvars.cloud.balancer.openstack.public_v4 != ""
+    - debug:
+        msg: >-
+          Access wordpress at
+          http://{{ hostvars.cloud.balancer.openstack.private_v4 }}.
+          wordpress userid is wpuser, password is {{ db_pass }}
+      when: hostvars.cloud.balancer is defined and
+            hostvars.cloud.balancer.openstack.public_v4 == ""
    - debug:
        msg: >-
          The work load test started at {{ hostvars.cloud.starttime.time }},
--- a/ansible/lampstack/vars/bluebox.yml
+++ b/ansible/lampstack/vars/bluebox.yml
@ -11,8 +11,9 @@ auth: {
 app_env: {
  image_name: "ubuntu-15.04",
  region_name: "",
+  availability_zone: "",
+  validate_certs: True,
  private_net_name: "interopnet",
-  public_net_name: "external",
  flavor_name: "m1.small",
  public_key_file: "/home/tong/.ssh/id_rsa.pub",
  stack_size: 4,
--- a/ansible/lampstack/vars/leap.yml
+++ b/ansible/lampstack/vars/leap.yml
@ -11,9 +11,10 @@ auth: {

 app_env: {
  image_name: "ubuntu-15.04",
-  region_name: "",
+  region_name: "RegionOne",
+  availability_zone: "nova",
+  validate_certs: False,
  private_net_name: "Bluebox",
-  public_net_name: "internet",
  flavor_name: "m1.small",
  public_key_file: "/home/tong/.ssh/id_rsa.pub",
  stack_size: 4,
--- a/ansible/lampstack/vars/osic.yml
+++ b/ansible/lampstack/vars/osic.yml
@ -0,0 +1,25 @@
+---
+horizon_url: "https://cloud1.osic.org"
+
+auth: {
+  auth_url: "https://cloud1.osic.org:5000/v3",
+  username: "litong01",
+  password: "{{ password }}",
+  domain_name: "default",
+  project_name: "interop_challenge"
+}
+
+app_env: {
+  image_name: "ubuntu-server-14.04",
+  region_name: "",
+  availability_zone: "nova",
+  validate_certs: True,
+  private_net_name: "interopnet",
+  flavor_name: "m1.small",
+  public_key_file: "/home/tong/.ssh/id_rsa.pub",
+  stack_size: 4,
+  volume_size: 2,
+  block_device_name: "/dev/vdb",
+  wp_theme: "https://downloads.wordpress.org/theme/iribbon.2.0.65.zip",
+  wp_posts: "http://wpcandy.s3.amazonaws.com/resources/postsxml.zip"
+}