Remove hardcoded volume point and tenant network issues

This patch set fixed the following problems

  1. Using hardcoded device names such as eth0, /dev/vdb.
     These names are configurable now
  2. Requires tenant networks to be available.
     No longer required now
  3. Terraform multiple endpoints issue cannot be overcome.
     Recreated the docker swarm workload test using ansible

Change-Id: Ic4bcd07caa7f7a27f7cb520fb3302fb547f085f0
Tong Li 2016-09-13 12:51:11 -04:00
parent 85b502c8ce
commit 22e9aad745
37 changed files with 690 additions and 37 deletions

ansible/dockerswarm/.gitignore vendored Executable file
@ -0,0 +1,4 @@

ansible/dockerswarm/ Executable file
@ -0,0 +1,128 @@
# Docker Swarm Ansible deployments on OpenStack Cloud
## Status
This will install a 3 node lampstack. Once the script finishes, a set of
environment varialbes will be displayed, export these environment variable
then you can run docker commands against the swarm
## Requirements
- [Install Ansible](
- [Install openstack shade] (
- Make sure there is an openstack coreos image available on your cloud.
- Clone this project into a directory.
- To run docker commands, you will need to install docker client. Following
the following steps if you are using ubuntu to run the script, if you are
using some other environment run the script, then the steps setting up
docker client may be different::
apt-get update
apt-get -y install
ln -sf /usr/bin/ /usr/local/bin/docker
## Ansible
Ansible and OpenStack Shade are used to provision all of the OpenStack
### Prep
#### Deal with ssh keys for Openstack Authentication
If you do not have a ssh key, then you should create one by using a tool.
An example command to do that is provided below. Once you have a key pair,
ensure your local ssh-agent is running and your ssh key has been added.
This step is required. Not doing this, you will have to manually give
passphrase when script runs, and script can fail. If you really do not want
to deal with passphrase, you can create a key pair without passphrase::
ssh-keygen -t rsa
eval $(ssh-agent -s)
ssh-add ~/.ssh/id_rsa
#### General Openstack Settings
Ansible's OpenStack cloud module is used to provision compute resources
against an OpenStack cloud. Before you run the script, the cloud environment
will have to be specified. Sample files have been provided in vars directory.
You may create one such file per cloud for your tests. The following is an
auth: {
auth_url: "http://x.x.x.x:5000/v3",
username: "demo",
password: "{{ password }}",
domain_name: "default",
project_name: "demo"
app_env: {
image_name: "coreos",
region_name: "",
private_net_name: "",
net_device: "eth0",
flavor_name: "m1.small",
swarm_version: "latest",
swarm_size: 3,
fqdn: "",
public_key_file: "/home/tong/.ssh/"
The values of these variables should be provided by your cloud provider. When
use keystone 2.0 API, you will not need to setup domain name. If your account
only has more than one regions available, specify the region_name to be used.
If there is only one, you can leave it blank or use the correct name. If your
cloud does not expose tenant network, leave private_net_name blank as well.
However, if your cloud supports tenant network and you have more than one
tenant networks in your account, you will need to specify which tenant network
to be used, otherwise, the script will error out. To create a large docker
swarm, change the swarm_size to a large value like 20, the script will create
a docker swarm with 20 coreos nodes.
## Run the script
With your cloud environment set, you should be able to run the script::
ansible-playbook -e "action=apply env=leap password=XXXXX" site.yml
The command will stand up the nodes using a cloud named leap (vars/leap.yml).
If you run the test against other cloud, you can create a new file use same
structure and specify that cloud attributes such as auth_url, etc. Then you
can simply replace work leap with that file name. Replace xxxxx with your
own cloud account password, you can also simply put your password in the
configuration file (vars/leap.yml in this case) and avoid to specify it from
the command line.
If everything goes well, it will accomplish the following::
1. Provision 3 coreos nodes on your cloud
2. Create security group
3. Add security rules to allow ping, ssh, docker access
4. Setup ssl keys, certificates
5. Display a set of environment variables that you can use to run docker
## Next Steps
### Check its up
If there are no errors, you can export the environment variables shown by
the script at the end. Then you can start running docker commands, here are
few examples::
docker info
docker images
docker pull ubuntu:vivid
## Cleanup
Once you're done with the swarm, don't forget to nuke the whole thing::
ansible-playbook -e "action=destroy env=leap password=XXXXX" site.yml
The above command will destroy all the resources created by the script.
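
Review bot: the run and cleanup commands pass the cloud password as `-e "action=apply env=leap password=XXXXX"`, which leaves it in shell history and in the process list while the playbook runs, and the alternative offered is a plaintext password in vars/leap.yml. Suggest documenting a `vars_prompt` or an ansible-vault encrypted vars file instead. Two smaller points in the same file: the Status section says this installs "a 3 node lampstack", which looks carried over from the lampstack README, and the sample `auth_url` is `http://`, so anyone copying it sends the Keystone password unencrypted.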

@ -0,0 +1,2 @@
inventory = ./hosts

ansible/dockerswarm/hosts Executable file
@ -0,0 +1 @@
cloud ansible_host=

@ -0,0 +1,11 @@
- debug:
msg: >-
export DOCKER_HOST=tcp://{{ hostvars.swarmnode1.swarmnode.openstack.public_v4 }}:2375;
export DOCKER_CERT_PATH=/tmp/{{ env }}/keys
- debug:
msg: >-
The work load test started at {{ starttime.time }},
ended at {{ ansible_date_time.time }}

@ -0,0 +1,23 @@
- name: Remove security group
state: absent
auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: dockerswarm_sg
description: secuirty group for dockerswarm
- name: Delete discovery url directory
file: path="/tmp/{{ env }}" state=absent
- name: Delete a key-pair
state: absent
auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: "dockerswarm"
- debug:
msg: >-
The work load test started at {{ starttime.time }},
ended at {{ ansible_date_time.time }}

@ -0,0 +1,88 @@
- name: Get start timestamp
set_fact: starttime="{{ ansible_date_time }}"
- name: Create certificate directory
file: path="/tmp/{{ env }}/keys" state=directory
- stat: path="/tmp/{{ env }}/discovery_url"
register: discovery_url_flag
- name: Get docker discovery url
url: "{{ app_env.swarm_size }}"
dest: "/tmp/{{ env }}/discovery_url"
when: discovery_url_flag.stat.exists == false
- shell: openssl genrsa -out "/tmp/{{ env }}/keys/ca-key.pem" 2048
- shell: openssl genrsa -out "/tmp/{{ env }}/keys/key.pem" 2048
- shell: >-
openssl req -x509 -new -nodes -key /tmp/{{ env }}/keys/ca-key.pem
-days 10000 -out /tmp/{{ env }}/keys/ca.pem -subj '/CN=docker-CA'
- shell: >-
openssl req -new -key /tmp/{{ env }}/keys/key.pem
-out /tmp/{{ env }}/keys/cert.csr
-subj '/CN=docker-client' -config ./roles/prov_apply/templates/openssl.cnf
- shell: >-
openssl x509 -req -in /tmp/{{ env }}/keys/cert.csr
-CA /tmp/{{ env }}/keys/ca.pem -CAkey /tmp/{{ env }}/keys/ca-key.pem
-CAcreateserial -out /tmp/{{ env }}/keys/cert.pem -days 365
-extensions v3_req -extfile ./roles/prov_apply/templates/openssl.cnf
- name: Retrieve specified flavor
auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: "{{ app_env.flavor_name }}"
- name: Create a key-pair
state: "present"
auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: "dockerswarm"
public_key_file: "{{ app_env.public_key_file }}"
- name: Create security group
state: present
auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: dockerswarm_sg
description: secuirty group for dockerswarm
- name: Add security rules
state: present
auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
security_group: dockerswarm_sg
protocol: "{{ item.protocol }}"
direction: "{{ item.dir }}"
port_range_min: "{{ item.p_min }}"
port_range_max: "{{ item.p_max }}"
- { p_min: 22, p_max: 22, dir: ingress, protocol: tcp }
- { p_min: 2375, p_max: 2376, dir: ingress, protocol: tcp }
- { p_min: 2379, p_max: 2380, dir: ingress, protocol: tcp }
- { p_min: 2379, p_max: 2380, dir: egress, protocol: tcp }
- { p_min: -1, p_max: -1, dir: ingress, protocol: icmp }
- { p_min: -1, p_max: -1, dir: egress, protocol: icmp }
- name: Create cloudinit file for all nodes
src: templates/cloudinit.j2
dest: "/tmp/{{ env }}/cloudinit"
- name: Add nodes to host group
name: "swarmnode{{ item }}"
hostname: ""
groups: dockerswarm
host_no: "{{ item }}"
with_sequence: count={{ app_env.swarm_size }}
no_log: True
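
Review bot: the `openssl genrsa` tasks write ca-key.pem and key.pem under /tmp/{{ env }}/keys, a predictable path in a world-writable directory, and the "Create certificate directory" task sets no mode, so the CA private key gets whatever the default umask allows. Suggest a directory outside /tmp, or at least `mode=0700` on the directory and 0600 on the key files. Separately, the security rules shown carry no `remote_ip_prefix`, so 22, 2375-2376 and the etcd ports 2379-2380 are opened for ingress from any source; the etcd range in particular should be limited to the swarm nodes themselves.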

@ -0,0 +1,47 @@
- name: etcd.service
mask: true
- name: etcd2.service
command: start
- name: docker.service
command: start
- name: swarm-agent.service
content: |
Description=swarm agent
ExecStartPre=/usr/bin/docker pull swarm:latest
ExecStartPre=-/usr/bin/docker rm -f swarm-agent
ExecStart=/bin/sh -c "/usr/bin/docker run --rm --name swarm-agent swarm:latest join --addr=$COREOS_PRIVATE_IPV4:2376 etcd://$COREOS_PRIVATE_IPV4:2379/docker"
ExecStop=/usr/bin/docker stop swarm-agent
- name: swarm-manager.service
content: |
Description=swarm manager
ExecStartPre=/usr/bin/docker pull swarm:latest
ExecStartPre=-/usr/bin/docker rm -f swarm-manager
ExecStart=/bin/sh -c "/usr/bin/docker run --rm --name swarm-manager -v /etc/docker/ssl:/etc/docker/ssl --net=host swarm:latest manage --tlsverify --tlscacert=/etc/docker/ssl/ca.pem --tlscert=/etc/docker/ssl/cert.pem --tlskey=/etc/docker/ssl/key.pem etcd://$COREOS_PRIVATE_IPV4:2379/docker"
ExecStop=/usr/bin/docker stop swarm-manager
discovery: {{ lookup('file', '/tmp/'+env+'/discovery_url') }}
advertise-client-urls: http://$private_ipv4:2379
initial-advertise-peer-urls: http://$private_ipv4:2380
listen-peer-urls: http://$private_ipv4:2380
data-dir: /var/lib/etcd2
initial-cluster-token: openstackinterop
reboot-strategy: "off"
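
Review bot: the etcd2 settings at the end of this template advertise and listen on `http://$private_ipv4:2379` and `:2380`, so the cluster store that swarm-agent and swarm-manager point at (`etcd://$COREOS_PRIVATE_IPV4:2379/docker`) is plaintext and unauthenticated, while prep_apply opens 2379-2380 for ingress. Since this change is meant to support clouds without a tenant network, that address may be the only, public, one. Suggest reusing the generated CA for etcd client and peer TLS, or restricting those ports to the swarm's own security group. Both units also hardcode `swarm:latest` although the vars files define `swarm_version`; use the variable so the image can be pinned.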

@ -0,0 +1,13 @@
- name: Get start timestamp
set_fact: starttime="{{ ansible_date_time }}"
- name: Add web servers to webservers host group
name: "swarmnode{{ item }}"
hostname: ""
groups: dockerswarm
host_no: "{{ item }}"
with_sequence: count={{ app_env.swarm_size }}
no_log: True

@ -0,0 +1,34 @@
- name: Get public IP
set_fact: node_ip="{{ swarmnode.openstack.public_v4 }}"
- name: Make certificate configuration file
src: templates/openssl.cnf
dest: "/tmp/{{ env }}/{{ node_ip }}/keys/"
- name: Make service file
src: templates/dockerservice.j2
dest: "/tmp/{{ env }}/{{ node_ip }}/keys/dockerservice.cnf"
- name: Create bootstrap file
src: templates/bootstrap1.j2
dest: "/tmp/{{ env }}/{{ node_ip }}/keys/"
when: swarmnode.openstack.private_v4 == ""
- name: Create bootstrap file
src: templates/bootstrap2.j2
dest: "/tmp/{{ env }}/{{ node_ip }}/keys/"
when: swarmnode.openstack.private_v4 != ""
- name: Transfer configureation
shell: scp -r "/tmp/{{ env }}/{{ node_ip }}/keys" "core@{{ node_ip }}:/home/core"
- name: Transfer certificate file over to the nodes
shell: scp -r "/tmp/{{ env }}/keys" "core@{{ node_ip }}:/home/core"
- name: Start services
shell: ssh "core@{{ node_ip }}" "sh keys/"
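
Review bot: the "Transfer certificate file over to the nodes" task copies the whole /tmp/{{ env }}/keys directory to /home/core on every node, and that directory contains ca-key.pem from prep_apply. Any single node then holds the key that can sign certificates the docker daemon and swarm manager will accept under `--tlsverify`. Suggest signing each node's certificate on the controller and copying only ca.pem, cert.pem and key.pem.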

@ -0,0 +1,31 @@
mkdir -p /home/core/.docker
cp /home/core/keys/ca.pem /home/core/.docker/
cp /home/core/keys/cert.pem /home/core/.docker/
cp /home/core/keys/key.pem /home/core/.docker/
echo 'subjectAltName = @alt_names' >> /home/core/keys/openssl.cnf
echo '[alt_names]' >> /home/core/keys/openssl.cnf
cd /home/core/keys
echo 'IP.1 = {{ swarmnode.openstack.public_v4 }}' >> openssl.cnf
echo 'DNS.1 = {{ app_env.fqdn }}' >> openssl.cnf
echo 'DNS.2 = {{ swarmnode.openstack.public_v4 }}' >> openssl.cnf
openssl req -new -key key.pem -out cert.csr -subj '/CN=docker-client' -config openssl.cnf
openssl x509 -req -in cert.csr -CA ca.pem -CAkey ca-key.pem \
-CAcreateserial -out cert.pem -days 365 -extensions v3_req -extfile openssl.cnf
sudo mkdir -p /etc/docker/ssl
sudo cp ca.pem /etc/docker/ssl/
sudo cp cert.pem /etc/docker/ssl/
sudo cp key.pem /etc/docker/ssl/
# Apply localized settings to services
sudo mkdir -p /etc/systemd/system/{docker,swarm-agent,swarm-manager}.service.d
sudo mv /home/core/keys/dockerservice.cnf /etc/systemd/system/docker.service.d/10-docker-service.conf
sudo systemctl daemon-reload
sudo systemctl restart docker.service
sudo systemctl start swarm-agent.service
sudo systemctl start swarm-manager.service
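
Review bot: `DNS.1 = {{ app_env.fqdn }}` renders as an empty SAN entry when fqdn is "" (as it is in every vars file in this change), and `DNS.2` carries an IP address in a DNS-type entry that `IP.1` already covers. Suggest emitting DNS.1 only when fqdn is set and dropping DNS.2. The script also leaves ca-key.pem in /home/core/keys after the `openssl x509 -req` step; if signing stays on the node, remove the CA key at the end of the script.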

@ -0,0 +1,32 @@
mkdir -p /home/core/.docker
cp /home/core/keys/ca.pem /home/core/.docker/
cp /home/core/keys/cert.pem /home/core/.docker/
cp /home/core/keys/key.pem /home/core/.docker/
echo 'subjectAltName = @alt_names' >> /home/core/keys/openssl.cnf
echo '[alt_names]' >> /home/core/keys/openssl.cnf
cd /home/core/keys
echo 'IP.1 = {{ swarmnode.openstack.private_v4 }}' >> openssl.cnf
echo 'IP.2 = {{ swarmnode.openstack.public_v4 }}' >> openssl.cnf
echo 'DNS.1 = {{ app_env.fqdn }}' >> openssl.cnf
echo 'DNS.2 = {{ swarmnode.openstack.public_v4 }}' >> openssl.cnf
openssl req -new -key key.pem -out cert.csr -subj '/CN=docker-client' -config openssl.cnf
openssl x509 -req -in cert.csr -CA ca.pem -CAkey ca-key.pem \
-CAcreateserial -out cert.pem -days 365 -extensions v3_req -extfile openssl.cnf
sudo mkdir -p /etc/docker/ssl
sudo cp ca.pem /etc/docker/ssl/
sudo cp cert.pem /etc/docker/ssl/
sudo cp key.pem /etc/docker/ssl/
# Apply localized settings to services
sudo mkdir -p /etc/systemd/system/{docker,swarm-agent,swarm-manager}.service.d
sudo mv /home/core/keys/dockerservice.cnf /etc/systemd/system/docker.service.d/10-docker-service.conf
sudo systemctl daemon-reload
sudo systemctl restart docker.service
sudo systemctl start swarm-agent.service
sudo systemctl start swarm-manager.service
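
Review bot: this template differs from the preceding bootstrap template only by the extra `IP.1 = {{ swarmnode.openstack.private_v4 }}` line and the renumbered `IP.2`. Suggest a single template with a Jinja conditional around the private address, so the certificate and systemd steps are not maintained in two places and a later fix cannot land in only one of them.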

@ -0,0 +1,2 @@
Environment="DOCKER_OPTS=-H= -H unix:///var/run/docker.sock --tlsverify --tlscacert=/etc/docker/ssl/ca.pem --tlscert=/etc/docker/ssl/cert.pem --tlskey=/etc/docker/ssl/key.pem --cluster-advertise {{app_env.net_device}}:2376 --cluster-store etcd://"

@ -0,0 +1,8 @@
req_extensions = v3_req
distinguished_name = req_distinguished_name
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth, serverAuth
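
Review bot: `extendedKeyUsage = clientAuth, serverAuth` in the single `v3_req` section means every certificate signed with it works in both roles, and the bootstrap scripts sign each node's certificate from the same key.pem with `/CN=docker-client`. A node's daemon certificate is therefore also a valid client credential against every other node and the manager. Suggest separate extension sections for server and client certificates, and a per-node key for the server side.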

@ -0,0 +1,12 @@
- name: Remove docker swarm nodes
state: "absent"
auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: docker-swarm-{{ host_no }}
key_name: "dockerswarm"
timeout: 200
security_groups: dockerswarm_sg
hostname: docker-swarm-{{ host_no }}

@ -0,0 +1,19 @@
- name: Create docker swarm nodes
state: "present"
auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: docker-swarm-{{ host_no }}
image: "{{ app_env.image_name }}"
key_name: "dockerswarm"
timeout: 200
flavor: "{{[0].id }}"
network: "{{ app_env.private_net_name }}"
auto_ip: yes
userdata: "{{ lookup('file', '/tmp/' +env+ '/cloudinit') }}"
security_groups: dockerswarm_sg
hostname: docker-swarm-{{ host_no }}
register: swarmnode

ansible/dockerswarm/site.yml Executable file
@ -0,0 +1,33 @@
- name: prepare for provision
hosts: cloud
connection: local
- "vars/{{ env }}.yml"
- "prep_{{ action }}"
- name: provision swarm nodes
hosts: dockerswarm
serial: 1
connection: local
- "vars/{{ env }}.yml"
- "vm_{{ action }}"
- name: setup swarm nodes
hosts: dockerswarm
connection: local
- "vars/{{ env }}.yml"
- "prov_{{ action }}"
- name: post provisioning
hosts: cloud
connection: local
- "vars/{{ env }}.yml"
- "post_{{ action }}"

@ -0,0 +1,21 @@
horizon_url: ""
auth: {
auth_url: "",
username: "litong01",
password: "{{ password }}",
project_name: "Interop"
app_env: {
image_name: "coreos",
region_name: "",
private_net_name: "interopnet",
net_device: "eth0",
flavor_name: "m1.small",
swarm_version: "latest",
swarm_size: 3,
fqdn: "",
public_key_file: "/home/tong/.ssh/"

@ -0,0 +1,22 @@
horizon_url: ""
auth: {
auth_url: "",
username: "demo",
password: "{{ password }}",
domain_name: "default",
project_name: "demo"
app_env: {
image_name: "CoreOS",
region_name: "",
private_net_name: "Bluebox",
net_device: "eth0",
flavor_name: "m1.small",
swarm_version: "latest",
swarm_size: 3,
fqdn: "",
public_key_file: "/home/tong/.ssh/"

@ -0,0 +1,22 @@
horizon_url: ""
auth: {
auth_url: "",
username: "litong01",
password: "{{ password }}",
domain_name: "default",
project_name: "interop_challenge"
app_env: {
image_name: "coreos",
region_name: "",
private_net_name: "interopnet",
net_device: "eth0",
flavor_name: "m1.small",
swarm_version: "latest",
swarm_size: 3,
fqdn: "",
public_key_file: "/home/tong/.ssh/"

@ -0,0 +1,21 @@
horizon_url: ""
auth: {
auth_url: "",
username: "SXYbmFhC4aqQ",
password: "{{ password }}",
project_name: "2487610196015734"
app_env: {
image_name: "coreos",
region_name: "BHS1",
private_net_name: "",
net_device: "eth0",
flavor_name: "eg-15-ssd",
swarm_version: "latest",
swarm_size: 3,
fqdn: "",
public_key_file: "/home/tong/.ssh/"
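
Review bot: `username: "SXYbmFhC4aqQ"` and `project_name: "2487610196015734"` look like real account identifiers rather than samples, and `public_key_file` points into /home/tong; the other vars files in this change carry `litong01` the same way. Suggest committing these files with placeholder values and documenting which fields the user must fill in, so account names and project IDs stay out of the repository.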

ansible/lampstack/.gitignore vendored Executable file
@ -0,0 +1,6 @@

@ -59,6 +59,7 @@ You may create one such file per cloud for your tests.
public_key_file: "/home/ubuntu/.ssh/", public_key_file: "/home/ubuntu/.ssh/",
stack_size: 4, stack_size: 4,
volume_size: 2, volume_size: 2,
block_device_name: "/dev/vdb",
wp_theme: "", wp_theme: "",
wp_posts: "" wp_posts: ""
} }

@ -1,13 +1,18 @@
--- ---
- name: Get start timestamp
set_fact: starttime="{{ ansible_date_time }}"
- name: Retrieve specified flavor - name: Retrieve specified flavor
os_flavor_facts: os_flavor_facts:
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: "{{ app_env.flavor_name }}" name: "{{ app_env.flavor_name }}"
- name: Create a key-pair - name: Create a key-pair
os_keypair: os_keypair:
state: "present" state: "present"
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: "lampstack" name: "lampstack"
public_key_file: "{{ app_env.public_key_file }}" public_key_file: "{{ app_env.public_key_file }}"
@ -15,6 +20,7 @@
os_volume: os_volume:
state: present state: present
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
size: "{{ app_env.volume_size }}" size: "{{ app_env.volume_size }}"
wait: yes wait: yes
display_name: db_volume display_name: db_volume
@ -23,6 +29,7 @@
os_security_group: os_security_group:
state: present state: present
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: lampstack_sg name: lampstack_sg
description: secuirty group for lampstack description: secuirty group for lampstack
@ -30,6 +37,7 @@
os_security_group_rule: os_security_group_rule:
state: present state: present
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
security_group: lampstack_sg security_group: lampstack_sg
protocol: "{{ item.protocol }}" protocol: "{{ item.protocol }}"
direction: "{{ item.dir }}" direction: "{{ item.dir }}"
@ -49,6 +57,7 @@
os_server: os_server:
state: "present" state: "present"
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: database name: database
image: "{{ app_env.image_name }}" image: "{{ app_env.image_name }}"
key_name: "lampstack" key_name: "lampstack"
@ -71,6 +80,7 @@
os_server: os_server:
state: "present" state: "present"
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: balancer name: balancer
image: "{{ app_env.image_name }}" image: "{{ app_env.image_name }}"
key_name: "lampstack" key_name: "lampstack"
@ -93,14 +103,16 @@
os_server_volume: os_server_volume:
state: present state: present
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
server: database server: database
volume: db_volume volume: db_volume
device: /dev/vdb device: "{{ app_env.block_device_name }}"
- name: Create web server nodes to host application - name: Create web server nodes to host application
os_server: os_server:
state: "present" state: "present"
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: apache-{{ item }} name: apache-{{ item }}
image: "{{ app_env.image_name }}" image: "{{ app_env.image_name }}"
key_name: "lampstack" key_name: "lampstack"
@ -120,8 +132,10 @@
name: "{{ item.openstack.public_v4 }}" name: "{{ item.openstack.public_v4 }}"
groups: webservers groups: webservers
with_items: "{{ webserver.results }}" with_items: "{{ webserver.results }}"
no_log: True
- name: Add one web servers to wps host group - name: Add one web servers to wps host group
add_host: add_host:
name: "{{ webserver.results[0].openstack.public_v4 }}" name: "{{ webserver.results[0].openstack.public_v4 }}"
groups: wps groups: wps
no_log: True

@ -1,4 +1,4 @@
#cloud-config #cloud-config
runcmd: runcmd:
- ip=$(ifconfig eth0 | grep "inet addr" | cut -d ':' -f 2 | cut -d ' ' -f 1) - addr=$(ip -4 -o addr | grep -v '' | awk 'NR==1{print $4}' | cut -d '/' -f 1)
- echo $ip `hostname` >> /etc/hosts - echo $addr `hostname` >> /etc/hosts
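
Review bot: `awk 'NR==1{print $4}'` in the new runcmd line takes whichever IPv4 address `ip -4 -o addr` lists first after the filter, which is not necessarily the interface that carries the instance's traffic when there is more than one NIC or a bridge present. Suggest selecting the address of the default-route interface (for example from `ip -4 route get`) so the /etc/hosts entry is deterministic.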

@ -24,8 +24,12 @@
- name: Add web servers to the haproxy - name: Add web servers to the haproxy
lineinfile: lineinfile:
dest: /etc/haproxy/haproxy.cfg dest: /etc/haproxy/haproxy.cfg
line: " server ws{{ item.openstack.private_v4 }} {{ item.openstack.private_v4 }}:80 check" line: " server ws{{ item[0].openstack[item[1]] }} {{ item[0].openstack[item[1]] }}:80 check"
with_items: "{{ }}" with_nested:
- "{{ }}"
- ["private_v4", "public_v4"]
when: item[0].openstack[item[1]] != ''
no_log: True
- service: name=haproxy state=restarted enabled=yes - service: name=haproxy state=restarted enabled=yes
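
Review bot: the `with_nested` loop over `["private_v4", "public_v4"]` with `when: item[0].openstack[item[1]] != ''` adds a server line for every non-empty address, so a web server that has both a private and a floating IP is registered twice and part of the balancer's backend traffic goes over the public address. Suggest picking one address per host, private when present and public otherwise, as the wordpress role in this change does with its paired tasks. `no_log: True` here also hides which backends were written, which makes that harder to notice.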

@ -1,13 +1,19 @@
--- ---
- os_floating_ip: - os_floating_ip:
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
state: absent state: absent
floating_ip_address: "{{ database.openstack.public_v4 }}" floating_ip_address: "{{ database.openstack.public_v4 }}"
server: "{{ }}" server: "{{ }}"
when: database.openstack.private_v4 != ""
no_log: True
- os_floating_ip: - os_floating_ip:
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
state: absent state: absent
floating_ip_address: "{{ item.openstack.public_v4 }}" floating_ip_address: "{{ item.openstack.public_v4 }}"
server: "{{ }}" server: "{{ }}"
with_items: "{{ webserver.results }}" with_items: "{{ webserver.results }}"
when: item.openstack.private_v4 != ""
no_log: True

@ -2,32 +2,20 @@
- stat: path=/tmp/diskflag - stat: path=/tmp/diskflag
register: diskflag register: diskflag
- shell: parted -s /dev/vdb mklabel msdos - shell: parted -s "{{ app_env.block_device_name }}" mklabel msdos
when: diskflag.stat.exists == false when: diskflag.stat.exists == false
- shell: parted -s /dev/vdb mkpart primary ext4 1049kb 100% - shell: parted -s "{{ app_env.block_device_name }}" mkpart primary ext4 1049kb 100%
when: diskflag.stat.exists == false when: diskflag.stat.exists == false
- lineinfile: dest=/tmp/diskflag line="disk is now partitioned!" create=yes - lineinfile: dest=/tmp/diskflag line="disk is now partitioned!" create=yes
- filesystem: fstype=ext4 dev=/dev/vdb1 - filesystem: fstype=ext4 dev="{{ app_env.block_device_name }}1"
- mount: name=/storage src=/dev/vdb1 fstype=ext4 state=mounted - mount: name=/storage src="{{ app_env.block_device_name }}1" fstype=ext4 state=mounted
- shell: ifconfig eth0 | grep 'inet addr:' | cut -d ':' -f 2 | cut -d ' ' -f 1 - shell: ip -4 -o addr | grep -v '' | awk 'NR==1{print $4}' | cut -d '/' -f 1
register: local_ip register: local_ip
- name: Install sipcalc
- shell: sipcalc eth0 | grep 'Network address' | cut -d "-" -f 2 | xargs
register: net_addr
- shell: sipcalc eth0 | grep 'Network mask (bits)' | cut -d "-" -f 2 | xargs
register: net_bit
- name: Creates share directory for database - name: Creates share directory for database
file: path=/storage/sqldatabase state=directory file: path=/storage/sqldatabase state=directory
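
Review bot: `"{{ app_env.block_device_name }}1"` in the filesystem and mount tasks assumes the partition name is the device name plus "1". That holds for /dev/vdb but not for devices whose partitions take a "p" separator, so the new setting only works for one naming family. Suggest a separate partition variable or deriving the partition from the device after `parted` runs. Since `parted -s ... mklabel` now runs against a user-supplied path, a check that the device is the attached db_volume before relabeling would also be worth adding.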
@ -43,15 +31,20 @@
state=latest state=latest
update_cache=yes update_cache=yes
- name: Setup NFS shares - name: Setup NFS database access
lineinfile: lineinfile:
dest: /etc/exports dest: /etc/exports
line: "{{ }} {{ }}(rw,sync,no_root_squash,no_subtree_check)" line: "/storage/sqldatabase {{ local_ip.stdout }}/32(rw,sync,no_root_squash,no_subtree_check)"
- { name: "/storage/wpcontent", - name: Setup NFS webserver access
net: "{{ net_addr.stdout }}/{{ net_bit.stdout }}" } lineinfile:
- { name: "/storage/sqldatabase", dest: /etc/exports
net: "{{ net_addr.stdout }}/{{ net_bit.stdout }}" } line: "/storage/wpcontent {{ item[0].openstack[item[1]] }}/32(rw,sync,no_root_squash,no_subtree_check)"
- "{{ }}"
- ["private_v4", "public_v4"]
when: item[0].openstack[item[1]] != ''
no_log: True
- name: nfs export - name: nfs export
shell: exportfs -a shell: exportfs -a
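
Review bot: both new export lines keep `no_root_squash`, and the webserver loop includes `public_v4`, so /storage/wpcontent can now be exported to web servers' public addresses with root access and client IP as the only control. Suggest dropping `no_root_squash` unless a task needs it, and exporting to one address per web server. The database line exports /storage/sqldatabase to `{{ local_ip.stdout }}/32`, which is the database host's own address; please confirm that is intended, since no other host can mount it.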

@ -1,8 +1,12 @@
--- ---
- name: Get start timestamp
set_fact: starttime="{{ ansible_date_time }}"
- name: Delete key pairs - name: Delete key pairs
os_keypair: os_keypair:
state: "absent" state: "absent"
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: "lampstack" name: "lampstack"
public_key_file: "{{ app_env.public_key_file }}" public_key_file: "{{ app_env.public_key_file }}"
@ -10,6 +14,7 @@
os_server: os_server:
state: "absent" state: "absent"
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: database name: database
image: "{{ app_env.image_name }}" image: "{{ app_env.image_name }}"
key_name: "lampstack" key_name: "lampstack"
@ -22,6 +27,7 @@
os_server: os_server:
state: "absent" state: "absent"
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: balancer name: balancer
image: "{{ app_env.image_name }}" image: "{{ app_env.image_name }}"
key_name: "lampstack" key_name: "lampstack"
@ -34,6 +40,7 @@
os_server: os_server:
state: "absent" state: "absent"
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: apache-{{ item }} name: apache-{{ item }}
image: "{{ app_env.image_name }}" image: "{{ app_env.image_name }}"
key_name: "lampstack" key_name: "lampstack"
@ -47,6 +54,7 @@
os_security_group: os_security_group:
state: absent state: absent
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
name: lampstack_sg name: lampstack_sg
description: secuirty group for lampstack description: secuirty group for lampstack
@ -54,5 +62,6 @@
os_volume: os_volume:
state: absent state: absent
auth: "{{ auth }}" auth: "{{ auth }}"
region_name: "{{ app_env.region_name }}"
wait: yes wait: yes
display_name: db_volume display_name: db_volume

@ -23,12 +23,21 @@
owner: www-data owner: www-data
group: www-data group: www-data
- name: Mount the directory - name: Mount the directory using private IP
mount: mount:
name: /var/www/html/wp-content/uploads name: /var/www/html/wp-content/uploads
src: "{{ }}:/storage/wpcontent" src: "{{ }}:/storage/wpcontent"
state: mounted state: mounted
fstype: nfs fstype: nfs
when: != ""
- name: Mount the directory using public IP
name: /var/www/html/wp-content/uploads
src: "{{ }}:/storage/wpcontent"
state: mounted
fstype: nfs
when: == ""
- lineinfile: dest=/etc/apache2/apache2.conf line="ServerName localhost" - lineinfile: dest=/etc/apache2/apache2.conf line="ServerName localhost"
@ -47,7 +56,7 @@
args: args:
warn: no warn: no
- name: Configure wordpress - name: Configure wordpress database, username and password
replace: replace:
dest: /var/www/html/wp-config.php dest: /var/www/html/wp-config.php
regexp: "'{{ item.then }}'" regexp: "'{{ item.then }}'"
@ -57,8 +66,22 @@
- { then: 'database_name_here', now: 'decision2016' } - { then: 'database_name_here', now: 'decision2016' }
- { then: 'username_here', now: "{{ db_user }}" } - { then: 'username_here', now: "{{ db_user }}" }
- { then: 'password_here', now: "{{ db_pass }}" } - { then: 'password_here', now: "{{ db_pass }}" }
- { then: 'localhost',
now: "{{ }}"} - name: Configure wordpress network access using private IP
dest: /var/www/html/wp-config.php
regexp: "'localhost'"
replace: "'{{ }}'"
backup: no
when: != ""
- name: Configure wordpress network access using public IP
dest: /var/www/html/wp-config.php
regexp: "'localhost'"
replace: "'{{ }}'"
backup: no
when: == ""
- name: Change ownership of wordpress - name: Change ownership of wordpress
shell: chown -R www-data:www-data /var/www/html shell: chown -R www-data:www-data /var/www/html

@ -12,6 +12,8 @@
user: ubuntu user: ubuntu
become: true become: true
become_user: root become_user: root
- "vars/{{ env }}.yml"
roles: roles:
- database - database
@ -61,3 +63,7 @@
http://{{ }}. http://{{ }}.
wordpress userid is wpuser, password is {{ db_pass }} wordpress userid is wpuser, password is {{ db_pass }}
when: is defined when: is defined
- debug:
msg: >-
The work load test started at {{ }},
ended at {{ ansible_date_time.time }}

@ -1,4 +1,6 @@
--- ---
horizon_url: ""
auth: { auth: {
auth_url: "", auth_url: "",
username: "litong01", username: "litong01",
@ -8,12 +10,14 @@ auth: {
app_env: { app_env: {
image_name: "ubuntu-15.04", image_name: "ubuntu-15.04",
region_name: "",
private_net_name: "interopnet", private_net_name: "interopnet",
public_net_name: "external", public_net_name: "external",
flavor_name: "m1.small", flavor_name: "m1.small",
public_key_file: "/home/tong/.ssh/", public_key_file: "/home/tong/.ssh/",
stack_size: 4, stack_size: 4,
volume_size: 10, volume_size: 2,
block_device_name: "/dev/vdb",
wp_theme: "", wp_theme: "",
wp_posts: "" wp_posts: ""
} }

@ -1,4 +1,6 @@
--- ---
horizon_url: ""
auth: { auth: {
auth_url: "", auth_url: "",
username: "demo", username: "demo",
@ -8,13 +10,15 @@ auth: {
} }
app_env: { app_env: {
image_name: "vivid 1504", image_name: "ubuntu-15.04",
region_name: "",
private_net_name: "Bluebox", private_net_name: "Bluebox",
public_net_name: "internet", public_net_name: "internet",
flavor_name: "m1.small", flavor_name: "m1.small",
public_key_file: "/home/tong/.ssh/", public_key_file: "/home/tong/.ssh/",
stack_size: 4, stack_size: 4,
volume_size: 2, volume_size: 2,
block_device_name: "/dev/vdb",
wp_theme: "", wp_theme: "",
wp_posts: "" wp_posts: ""
} }

@ -53,6 +53,7 @@ You also want to specify the name of your CoreOS `glance` image as well as flavo
``` ```
image_name = "coreos-alpha-884-0-0" image_name = "coreos-alpha-884-0-0"
network_name = "internal" network_name = "internal"
net_device = "eth0"
floatingip_pool = "external" floatingip_pool = "external"
flavor = "m1.medium" flavor = "m1.medium"
public_key_path = "~/.ssh/" public_key_path = "~/.ssh/"

terraform/dockerswarm-coreos/ Normal file → Executable file
@ -30,6 +30,9 @@ resource "template_file" "cloud_init" {
resource "template_file" "10_docker_service" { resource "template_file" "10_docker_service" {
template = "templates/10-docker-service.conf" template = "templates/10-docker-service.conf"
vars {
net_device = "${ var.net_device }"
} }
resource "openstack_networking_floatingip_v2" "coreos" { resource "openstack_networking_floatingip_v2" "coreos" {

@ -1,2 +1,2 @@
[Service] [Service]
Environment="DOCKER_OPTS=-H= -H unix:///var/run/docker.sock --tlsverify --tlscacert=/etc/docker/ssl/ca.pem --tlscert=/etc/docker/ssl/cert.pem --tlskey=/etc/docker/ssl/key.pem --cluster-advertise eth0:2376 --cluster-store etcd://" Environment="DOCKER_OPTS=-H= -H unix:///var/run/docker.sock --tlsverify --tlscacert=/etc/docker/ssl/ca.pem --tlscert=/etc/docker/ssl/cert.pem --tlskey=/etc/docker/ssl/key.pem --cluster-advertise ${net_device}:2376 --cluster-store etcd://"

@ -10,6 +10,11 @@ variable "floatingip_pool" {
default = "external" default = "external"
} }
variable "net_device" {
description = "Network interface device in the system"
default = "eth0"
variable "flavor" { variable "flavor" {
default = "m1.medium" default = "m1.medium"
} }