Rewrite Vagrant file using ansible and Centos 8

Depends-On: Ifa876b3e5f89258f40055fa7ce03f5e9c601771c
Change-Id: I806c76bff85210f74cd23c29835f41c174b8c960

Vagrantfile

@@ -5,45 +5,43 @@
 VAGRANTFILE_API_VERSION = "2"
 
 # Customize the count of CPU cores on the VM
-CPUS = 2
+CPUS = 4
 
 # Customize the amount of memory on the VM
-MEMORY = 8192
+MEMORY = ENV.fetch("VM_SIZE", "4096").to_i
 
 # Every Vagrant development environment requires a box. You can search for
 # boxes at https://vagrantcloud.com/search.
-BOX = "generic/centos7"
+BOX = ENV.fetch("VM_BOX", "generic/centos8")
 
+# Machine host name
 HOSTNAME = "tobiko"
 
-# Directory where Vagrantfile directory is copied or mounted to the VM
+# Top vagrantfile dir
-TOBIKO_SRC_DIR = "/vagrant"
+VAGRANTFILE_DIR = File.dirname(__FILE__)
 
-# Default prefix to OpenStack Git repositories
+# Source provision playbook
-OPENSTACK_GIT_BASE = "https://git.openstack.org"
+PROVISION_PLAYBOOK = ENV.fetch(
-
+  "PROVISION_PLAYBOOK", "#{VAGRANTFILE_DIR}/vagrant/devstack/provision.yaml")
-# DevStack Git repo URL and branch
-DEVSTACK_GIT_REPO = "#{OPENSTACK_GIT_BASE}/openstack-dev/devstack"
-DEVSTACK_GIT_BRANCH = "stable/train"
-
-# DevStack destination directory
-DEVSTACK_DEST_DIR = "/opt/stack"
-
-# DevStack source file directory
-DEVSTACK_SRC_DIR = "#{DEVSTACK_DEST_DIR}/devstack"
 
 # Host IP address to be assigned to OpenStack in DevStack
-DEVSTACK_HOST_IP = "172.18.161.6"
+HOST_IP = "192.168.33.10"
 
-# local.conf file to be used for DevStack provisioning (es local.conf)
+# Red Hat supscription parameters
-DEVSTACK_CONF_FILENAME = 'local.conf' # 'ovn-local.conf'
+REDHAT_ACTIVATIONKEY = ENV.fetch("REDHAT_ACTIVATIONKEY", "")
+REDHAT_USERNAME = ENV.fetch("REDHAT_USERNAME", "")
+REDHAT_PASSWORD = ENV.fetch("REDHAT_PASSWORD", "")
 
-# Local directory with local projects subdirs
+# Local directory from where look for devstack project
-LOCAL_PROJECT_DIR = '..'
+DEVSTACK_SRC_DIR =  ENV.fetch(
+  "DEVSTACK_SRC_DIR", "#{File.dirname(VAGRANTFILE_DIR)}/devstack")
 
-# Local projects to be copied from LOCAL_PROJECT_DIR to DEVSTACK_DEST_DIR
+# Local directory from where looking for tobiko project files
-LOCAL_PROJECT_NAMES = [] # ['devstack', 'networking-ovn']
+TOBIKO_SRC_DIR = ENV.fetch("TOBIKO_SRC_DIR", VAGRANTFILE_DIR)
 
+# Local directory from where looking for requirements project files
+REQUIREMENTS_SRC_DIR =  ENV.fetch(
+  "REQUIREMENTS_SRC_DIR", "#{File.dirname(VAGRANTFILE_DIR)}/requirements")
 
 # All Vagrant configuration is done below. The "2" in Vagrant.configure
 # configures the configuration version (we support older styles for
@@ -54,7 +52,10 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
   # For a complete reference, please see the online documentation at
   # https://docs.vagrantup.com.
 
+  # Every Vagrant development environment requires a box. You can search for
+  # boxes at https://vagrantcloud.com/search.
   config.vm.box = BOX
+  # config.vm.box_version = "< 3.0"
   config.vm.hostname = HOSTNAME
 
   # Disable automatic box update checking. If you disable this, then
@@ -75,12 +76,12 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
 
   # Create a private network, which allows host-only access to the machine
   # using a specific IP.
-  config.vm.network "private_network", ip: DEVSTACK_HOST_IP
+  config.vm.network "private_network", ip: HOST_IP
 
   # Create a public network, which generally matched to bridged network.
   # Bridged networks make the machine appear as another physical device on
   # your network.
-  # config.vm.network "public_network", ip: "172.18.161.6"
+  # config.vm.network "public_network"
 
   # Share an additional folder to the guest VM. The first argument is
   # the path on the host to the actual folder. The second argument is
@@ -91,7 +92,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
   # Provider-specific configuration so you can fine-tune various
   # backing providers for Vagrant. These expose provider-specific options.
   # Example for VirtualBox:
-
+  #
   config.vm.provider "virtualbox" do |vb|
     # Display the VirtualBox GUI when booting the machine
     vb.gui = false
@@ -105,73 +106,19 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
     libvirt.memory =  MEMORY
   end
 
-  config.vm.synced_folder ".", "/vagrant", type: "rsync",
+  # Run provision playbook
-    rsync__exclude: [".tox/", "tobiko.conf", ".tobiko", ".infrared"]
+  config.vm.provision "ansible" do |ansible|
-
+    ansible.limit = 'all'
-  # OS faults doesn't support other ports for SSH connection used by ansible
+    ansible.playbook = PROVISION_PLAYBOOK
-  config.vm.network "forwarded_port", guest: 22, host: 22
+    ansible.extra_vars = ansible.extra_vars = {
-
+      'redhat_activationkey' => REDHAT_ACTIVATIONKEY,
-  # View the documentation for the provider you are using for more
+      'redhat_username' => REDHAT_USERNAME,
-  # information on available options.
+      'redhat_password' => REDHAT_PASSWORD,
-
+      'devstack_src_dir' => DEVSTACK_SRC_DIR,
-  # Use the same DNS server as the host machine
+      'requirements_src_dir' => REQUIREMENTS_SRC_DIR,
-  config.vm.provision "file", source: "/etc/resolv.conf",
+      'tobiko_src_dir' => TOBIKO_SRC_DIR,
-    destination: "~/resolv.conf"
+    }
-  config.vm.provision "shell", privileged: false,
-    inline: "sudo mv ~/resolv.conf /etc/resolv.conf"
-
-  # Copy local project directories to DevStack DEST directory
-  for project_name in LOCAL_PROJECT_NAMES do
-    local_dir = "#{LOCAL_PROJECT_DIR}/#{project_name}"
-    if Dir.exist?(local_dir) then
-      target_dir = "#{DEVSTACK_DEST_DIR}/#{project_name}"
-      config.vm.synced_folder local_dir, target_dir, type: "rsync",
-        rsync__exclude: [".tox/"]
-    end
   end
 
-  # Enable provisioning with a shell script. Additional provisioners such as
-  # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
-  # documentation for more information about their specific syntax and use.
-  config.vm.provision "shell", privileged: false, inline: <<-SHELL
-    set -uex
-    if ! sudo su - stack; then
-      # setup stack user
-      sudo useradd -s /bin/bash -d '#{DEVSTACK_DEST_DIR}' -m stack
-      sudo chmod 755 '#{DEVSTACK_DEST_DIR}'
-      echo "stack ALL=(ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/stack
-    fi
-
-    if ! [ -d '#{DEVSTACK_DEST_DIR}/tobiko' ]; then
-      sudo mkdir -p '#{DEVSTACK_DEST_DIR}/tobiko'
-      sudo mount --bind /vagrant '#{DEVSTACK_DEST_DIR}/tobiko'
-    fi
-
-    # Generate provision RC file to pass variables to provision script
-    sudo echo '
-      export TOBIKO_SRC_DIR=#{TOBIKO_SRC_DIR}
-      export OPENSTACK_GIT_BASE=#{OPENSTACK_GIT_BASE}
-      export DEVSTACK_GIT_REPO=#{DEVSTACK_GIT_REPO}
-      export DEVSTACK_GIT_BRANCH=#{DEVSTACK_GIT_BRANCH}
-      export DEVSTACK_SRC_DIR=#{DEVSTACK_SRC_DIR}
-      export DEVSTACK_DEST_DIR=#{DEVSTACK_DEST_DIR}
-      export DEVSTACK_HOST_IP=#{DEVSTACK_HOST_IP}
-      export DEVSTACK_CONF_FILENAME=#{DEVSTACK_CONF_FILENAME}
-    ' > ./provisionrc
-    sudo mv ./provisionrc '#{DEVSTACK_DEST_DIR}/provisionrc'
-
-    # Execute provision script as stack user
-    sudo su -l stack -c '#{TOBIKO_SRC_DIR}/devstack/vagrant/provision.bash'
-
-    # Tobiko requires to write tobiko.log to devstack log directory
-    sudo chmod 777 '#{DEVSTACK_DEST_DIR}/logs'
-
-    # Tobiko requires to ssh as vagrant@localhost a vagrant user
-    if ! [ -f ~/.ssh/id_rsa ]; then
-        ssh-keygen -N '' -t rsa -f ~/.ssh/id_rsa
-        cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
-        chmod -fR go-rwx ~/.ssh
-    fi
-
-  SHELL
 end
+

ansible.cfg

@@ -5,6 +5,8 @@ timeout = 30
 force_color = 0
 interpreter_python = auto
 
+roles_path = roles/
+
 [ssh_connection]
 pipelining = True
 ssh_args = -o ControlMaster=auto -o ControlPersist=60s

roles/tobiko-copy-resolv-conf/defaults/main.yaml

@@ -0,0 +1,3 @@
+---
+
+resolv_conf_file: '/etc/resolv.conf'

roles/tobiko-copy-resolv-conf/tasks/main.yaml

@@ -0,0 +1,10 @@
+---
+
+- name: copy '{{ resolv_conf_file}}' file
+  become: yes
+  copy:
+    src: '{{ resolv_conf_file}}'
+    dest: /etc/resolv.conf
+    owner: root
+    group: root
+    mode: '0644'

roles/tobiko-devstack/defaults/main.yaml

@@ -0,0 +1,13 @@
+---
+
+devstack_dest_dir: /opt/stack
+devstack_dir: '{{ devstack_dest_dir }}/devstack'
+devstack_git_repo: 'http://opendev.org/openstack/devstack'
+devstack_git_version: 'master'
+devstack_local_conf_file: 'local.conf'
+devstack_requirements_dir: '{{ devstack_dest_dir }}/requirements'
+devstack_tobiko_dir: '{{ devstack_dest_dir }}/tobiko'
+
+devstack_src_dir: '{{ devstack_workspace_dir }}/devstack'
+
+sudo_secure_path: '/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'

roles/tobiko-devstack/meta/main.yaml

@@ -0,0 +1,4 @@
+---
+
+dependencies:
+  - tobiko-common

roles/tobiko-devstack/tasks/deploy-devstack.yaml

@@ -0,0 +1,51 @@
+---
+
+- name: "check '{{ devstack_src_dir }}' exists"
+  stat:
+    path: '{{ devstack_src_dir }}'
+  delegate_to: localhost
+  register: check_devstack_src_dir_exists
+  when: "(devstack_src_dir | length) > 0"
+  failed_when: no
+
+
+- name: "ensure '{{ devstack_dir }}' exists"
+  become: yes
+  become_user: root
+  file:
+    path: '{{ devstack_dir | realpath }}'
+    state: directory
+    mode: '0755'
+    owner: stack
+    group: stack
+    recurse: yes
+
+
+- become: yes
+  become_user: stack
+  block:
+
+    - name: "copy '{{ devstack_src_dir }}' to '{{ devstack_dir }}'"
+      synchronize:
+        group: no
+        owner: no
+        src: "{{ devstack_src_dir | realpath }}/."
+        dest: "{{ devstack_dir | realpath }}"
+        use_ssh_args: yes
+        recursive: yes
+        rsync_opts:
+          - '--exclude-from={{ devstack_src_dir | realpath }}/.gitignore'
+      register: copy_devstack_src_dir
+      when: check_devstack_src_dir_exists.stat.isdir | default(False)
+
+    - name: fetch DevStack sources from '{{ devstack_git_repo }}'
+      git:
+        repo: '{{ devstack_git_repo }}'
+        dest: '{{ devstack_dir }}'
+        version: '{{ devstack_git_version }}'
+      when: copy_devstack_src_dir is skipped
+
+    - name: copy local.conf file
+      copy:
+        src: '{{ devstack_local_conf_file }}'
+        dest: '{{ devstack_dir }}/local.conf'

roles/tobiko-devstack/tasks/deploy-requirements.yaml

@@ -0,0 +1,34 @@
+---
+
+- name: "check '{{ requirements_src_dir }}' exists"
+  stat:
+    path: '{{ requirements_src_dir }}'
+  delegate_to: localhost
+  register: check_requirements_src_dir_exists
+
+
+- name: "ensure '{{ devstack_tobiko_dir }}' exists"
+  become: yes
+  become_user: root
+  file:
+    path: '{{ devstack_requirements_dir | realpath }}'
+    state: directory
+    mode: '0755'
+    owner: stack
+    group: stack
+
+
+- name: "copy '{{ requirements_src_dir }}' to '{{ devstack_requirements_dir }}'"
+  become: yes
+  become_user: stack
+  synchronize:
+    group: no
+    owner: no
+    src: "{{ requirements_src_dir | realpath }}/."
+    dest: "{{ devstack_requirements_dir | realpath }}"
+    use_ssh_args: yes
+    recursive: yes
+    rsync_opts:
+      - '--exclude-from={{ tobiko_src_dir | realpath }}/.gitignore'
+  register: copy_requirements_src_dir
+  when: check_requirements_src_dir_exists.stat.isdir | default(False)

roles/tobiko-devstack/tasks/deploy-tobiko.yaml

@@ -0,0 +1,35 @@
+---
+
+- name: "check '{{ tobiko_src_dir }}' exists"
+  stat:
+    path: '{{ tobiko_src_dir }}'
+  delegate_to: localhost
+  register: check_tobiko_src_dir_exists
+
+
+- name: "ensure '{{ devstack_tobiko_dir }}' exists"
+  become: yes
+  become_user: root
+  file:
+    path: '{{ devstack_tobiko_dir | realpath }}'
+    state: directory
+    mode: '0755'
+    owner: stack
+    group: stack
+    recurse: yes
+
+
+- name: "copy '{{ tobiko_src_dir }}' to '{{ devstack_tobiko_dir }}'"
+  become: yes
+  become_user: stack
+  synchronize:
+    group: no
+    owner: no
+    src: "{{ tobiko_src_dir | realpath }}/."
+    dest: "{{ devstack_tobiko_dir | realpath }}"
+    use_ssh_args: yes
+    recursive: yes
+    rsync_opts:
+      - '--exclude-from={{ tobiko_src_dir | realpath }}/.gitignore'
+  register: copy_tobiko_src_dir
+  when: check_tobiko_src_dir_exists.stat.isdir | default(False)

roles/tobiko-devstack/tasks/ensure-stack-user.yaml

@@ -0,0 +1,45 @@
+---
+
+- name: ensure /usr/local/bin is in sudo secure path
+  become: yes
+  lineinfile:
+    path: /etc/sudoers
+    regexp: 'secure_path'
+    line: 'Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin'
+    validate: '/usr/sbin/visudo -cf %s'
+
+
+- name: ensure stack group exists
+  become: yes
+  group:
+    name: stack
+    state: present
+
+
+- name: ensure stack user exists
+  become: yes
+  user:
+    name: stack
+    home: '{{ devstack_dest_dir }}'
+    comment: DevStack user
+    group: stack
+    shell: /bin/bash
+
+
+- name: ensure stack user has sudo privileges
+  become: yes
+  copy:
+    dest: /etc/sudoers.d/stack
+    content: |
+      stack ALL=(ALL) NOPASSWD: ALL
+
+
+- name: ensure stack user home exists
+  become: yes
+  become_user: root
+  file:
+    path: '{{ devstack_dest_dir | realpath }}'
+    state: directory
+    mode: '0755'
+    owner: stack
+    group: stack

roles/tobiko-devstack/tasks/install-bindeps.yaml

@@ -0,0 +1,13 @@
+---
+
+- name: "ensure DevStack bindeps are installed"
+  become: true
+  package:
+    name:
+      - git
+      - iptables
+      - python3
+      - python3-pip
+      - python3-systemd
+      - rsync
+      - sudo

roles/tobiko-devstack/tasks/main.yaml

@@ -0,0 +1,9 @@
+---
+
+- include_tasks: install-bindeps.yaml
+- include_tasks: ensure-stack-user.yaml
+- include_tasks: run-unstack.yaml
+- include_tasks: deploy-devstack.yaml
+- include_tasks: deploy-requirements.yaml
+- include_tasks: deploy-tobiko.yaml
+- include_tasks: run-stack.yaml

roles/tobiko-devstack/tasks/run-stack.yaml

@@ -0,0 +1,16 @@
+---
+
+- name: run stack.sh
+  become: yes
+  become_user: stack
+  command:
+    cmd: /bin/bash ./stack.sh
+    chdir: '{{ devstack_dir }}'
+    executable: '/bin/bash'
+  register: run_stack
+  ignore_errors: yes
+
+
+- name: show stack.sh output
+  debug: var=run_stack.stderr_lines
+  failed_when: yes

roles/tobiko-devstack/tasks/run-unstack.yaml

@@ -0,0 +1,23 @@
+---
+
+- name: check '{{ devstack_dir }}/local.conf' exists
+  stat:
+    path: '{{ devstack_dir }}/local.conf'
+  register: check_devstack_local_conf_file_exists
+  failed_when: no
+
+
+- name: run unstack.sh
+  become: yes
+  become_user: stack
+  command:
+    cmd: /bin/bash ./unstack.sh
+    chdir: '{{ devstack_dir }}'
+  register: run_unstack
+  ignore_errors: yes
+  when:
+    check_devstack_local_conf_file_exists.stat.exists | default(False)
+
+
+- debug: var=run_unstack.stderr_lines
+  when: run_unstack is failed

roles/tobiko-ensure-python3/tasks/install.yaml

@@ -15,11 +15,6 @@
   register: install_python_packages
 
 
-- name: "show installed packages"
-  debug: var=install_python_packages.changes
-  when: install_python_packages is changed
-
-
 - name: "compile python 3 from sources"
   include_role: name=tobiko-compile-python
   when:

roles/tobiko-ensure-ssh-keys/defaults/main.yaml

@@ -0,0 +1,3 @@
+---
+
+ssh_key_file: '{{ playbook_dir }}/ssh_identity'

roles/tobiko-ensure-ssh-keys/tasks/main.yaml

@@ -0,0 +1,22 @@
+---
+
+- name: "generate local SSH key '{{ ssh_key_file }}'"
+  openssh_keypair:
+    path: '{{ ssh_key_file }}'
+    type: rsa
+    size: 4096
+    state: present
+    force: no
+  delegate_to: localhost
+
+
+- name: "copy '{{ ssh_key_file }}' file to host"
+  copy:
+    src: '{{ ssh_key_file }}{{ item }}'
+    dest: '/home/vagrant/.ssh/id_rsa{{ item }}'
+    owner: vagrant
+    group: vagrant
+    mode: '0600'
+  loop:
+    - ''
+    - '.pub'

roles/tobiko-redhat-subscription/defaults/main.yaml

@@ -0,0 +1,5 @@
+---
+
+redhat_activationkey:
+redhat_username:
+redhat_password:

roles/tobiko-redhat-subscription/tasks/main.yaml

@@ -0,0 +1,13 @@
+---
+
+- name: subscribe to Red Hat repositories
+  become: yes
+  redhat_subscription:
+    state: present
+    activationkey: '{{ redhat_activationkey or omit }}'
+    username: '{{ redhat_username or omit }}'
+    password: '{{ redhat_password or omit }}'
+    auto_attach: yes
+  when:
+    - ansible_distribution == 'RedHat'
+    - redhat_activationkey or redhat_username

vagrant/devstack/local.conf

@@ -0,0 +1,23 @@
+[[local|localrc]]
+ADMIN_PASSWORD=secret
+DATABASE_PASSWORD=$ADMIN_PASSWORD
+RABBIT_PASSWORD=$ADMIN_PASSWORD
+SERVICE_PASSWORD=$ADMIN_PASSWORD
+
+LOGFILE=/opt/stack/devstack/stack.log
+
+
+# Configure Neutron -----------------------------------------------------------
+
+HOST_IP=192.168.33.10
+IP_VERSION=4
+
+
+# Configure Heat --------------------------------------------------------------
+
+enable_plugin heat https://git.openstack.org/openstack/heat
+
+
+# Configure Tobiko ------------------------------------------------------------
+
+enable_plugin tobiko https://git.openstack.org/x/tobiko

vagrant/devstack/provision.yaml

@@ -0,0 +1,24 @@
+---
+
+- hosts: all
+  vars:
+    tobiko_src_dir: "{{ playbook_dir | realpath | dirname | dirname }}"
+
+  pre_tasks:
+    - debug: var=tobiko_src_dir
+
+    - name: "update APT database"
+      apt:
+        update_cache: yes
+        cache_valid_time: 3600
+      become: yes
+      when:
+        - ansible_os_family == 'Debian'
+
+  roles:
+
+    - tobiko-copy-resolv-conf
+    - tobiko-redhat-subscription
+    - tobiko-ensure-ssh-keys
+    - tobiko-ensure-python3
+    - tobiko-devstack