add bootstrapping for the cloud

ansible/playbooks/bootstrap-cloud.yml

@@ -0,0 +1,65 @@
+---
+- name: Bootstrap our cloud with stuff
+  hosts: "{{ host | default('infra1') }}" # Go on infra host by default
+  become: true
+
+  handlers:
+    - import_tasks: handlers/main.yml
+
+  pre_tasks:
+    - name: Check if ansible cannot be run here
+      stat:
+        path: /etc/no-ansible
+      register: no_ansible
+
+    - name: Verify if we can run ansible
+      assert:
+        that:
+          - "not no_ansible.stat.exists"
+        success_msg: "We are able to run on this node"
+        fail_msg: "/etc/no-ansible exists - skipping run on this node"
+
+    - name: Loading Variables from OS Common
+      import_tasks: tasks/common_vars.yml
+
+  tasks:
+    - name: setup flavors
+      openstack.cloud.compute_flavor:
+        cloud: linuxadminbooks
+        state: present
+        name: "{{ item.name }}"
+        ram: "{{ item.ram }}"
+        vcpus: "{{ item.vcpus }}"
+        disk: "{{ item.disk }}"
+        ephemeral: "{{ item.ephemeral }}"
+        is_public: yes
+      tags: flavors
+      # yamllint disable rule:braces
+      loop:
+        - { name: 'tiny', ram: 1024, vcpus: 1, disk: 10, ephemeral: 10 }
+        - { name: 'small', ram: 2048, vcpus: 1, disk: 20, ephemeral: 20 }
+        - { name: 'medium', ram: 4096, vcpus: 2, disk: 20, ephemeral: 40 }
+        - { name: 'large', ram: 8192, vcpus: 4, disk: 20, ephemeral: 80 }
+        - { name: 'xlarge', ram: 16384, vcpus: 8, disk: 20, ephemeral: 100 }
+      # yamllint enable rule:braces
+
+    - name: setup images
+      include_tasks: tasks/upload_image.yml
+      tags: images
+      args:
+        apply:
+          tags: images
+      # yamllint disable rule:braces
+      loop:
+        - { name: 'cirros', filename: 'http://download.cirros-cloud.net/0.5.1/cirros-0.5.1-x86_64-disk.img', properties: {cpu_arch: x86_64, distro: cirros}}
+        - { name: 'rockylinux85', filename: 'https://dl.rockylinux.org/pub/rocky/8/images/Rocky-8-GenericCloud-8.5-20211114.2.x86_64.qcow2', properties: {cpu_arch: x86_64, distro: rocky}}
+      # yamllint enable rule:braces
+
+  post_tasks:
+    - name: Touching run file that ansible has ran here
+      file:
+        path: /var/log/ansible.run
+        state: touch
+        mode: '0644'
+        owner: root
+        group: root

ansible/playbooks/files/openstack_user_config.yml

@@ -37,15 +37,6 @@ global_overrides:
         net_name: "vxlan"
         group_binds:
           - neutron_linuxbridge_agent
-          #    - network:
-          #        container_bridge: "br-vlan"
-          #        container_type: "veth"
-          #        container_interface: "eth12"
-          #        host_bind_override: "eth12"
-          #        type: "flat"
-          #        net_name: "flat"
-          #        group_binds:
-          #          - neutron_linuxbridge_agent
     - network:
         container_bridge: "br-storage"
         container_type: "veth"
@@ -71,14 +62,6 @@ x-storage-hosts: &x-storage-hosts
     container_vars:
       cinder_backends:
         limit_container_types: cinder_volume
-          #nfs_volume:
-          #  volume_backend_name: NFS_VOLUME1
-          #  volume_driver: cinder.volume.drivers.nfs.NfsDriver
-          #  nfs_mount_options: "rsize=65535,wsize=65535,timeo=1200,actimeo=120"
-          #  nfs_shares_config: /etc/cinder/nfs_shares
-          #  shares:
-          #    - ip: "172.29.228.7"
-          #      share: "/vol/cinder"
         lvm:
           volume_group: cinder-volumes
           volume_driver: cinder.volume.drivers.lvm.LVMVolumeDriver
@@ -94,6 +77,7 @@ repo-infra_hosts:
   <<: *x-infra-hosts
 haproxy_hosts:
   <<: *x-infra-hosts
+
 ##
 ## OpenStack
 ##

ansible/playbooks/files/openstack_user_config.yml.ceph

@@ -0,0 +1,109 @@
+---
+cidr_networks:
+  container: 172.29.220.0/22
+  tunnel: 172.29.224.0/22
+  storage: 172.29.228.0/22
+
+used_ips:
+  - "172.29.220.1,172.29.220.50"
+  - "172.29.224.1,172.29.224.50"
+  - "172.29.228.1,172.29.228.50"
+
+
+global_overrides:
+  # The internal and external VIP should be different IPs, however they
+  # do not need to be on separate networks.
+  external_lb_vip_address: 172.29.220.10
+  internal_lb_vip_address: 172.29.220.11
+  management_bridge: "br-mgmt"
+  provider_networks:
+    - network:
+        container_bridge: "br-mgmt"
+        container_type: "veth"
+        container_interface: "eth1"
+        ip_from_q: "container"
+        type: "raw"
+        group_binds:
+          - all_containers
+          - hosts
+        is_container_address: true
+    - network:
+        container_bridge: "br-vxlan"
+        container_type: "veth"
+        container_interface: "eth10"
+        ip_from_q: "tunnel"
+        type: "vxlan"
+        range: "1:1000"
+        net_name: "vxlan"
+        group_binds:
+          - neutron_linuxbridge_agent
+    - network:
+        container_bridge: "br-storage"
+        container_type: "veth"
+        container_interface: "eth2"
+        ip_from_q: "storage"
+        type: "raw"
+        group_binds:
+          - glance_api
+          - cinder_api
+          - cinder_volume
+          - nova_compute
+
+
+x-infra-hosts: &x-infra-hosts
+  infra1:
+    ip: 172.29.220.5
+x-compute-hosts: &x-compute-hosts
+  compute1:
+    ip: 172.29.220.6
+x-storage-hosts: &x-storage-hosts
+  storage1:
+    ip: 172.29.220.7
+  storage2:
+    ip: 172.29.220.8
+  storage3:
+    ip: 172.29.220.9
+
+##
+## Ceph
+##
+ceph-mon_hosts:
+  <<: *x-storage-hosts
+ceph-osd_hosts:
+  <<: *x-storage-hosts
+ceph-rgw_hosts:
+  <<: *x-storage-hosts
+
+##
+## Infrastructure
+##
+shared-infra_hosts:
+  <<: *x-infra-hosts
+repo-infra_hosts:
+  <<: *x-infra-hosts
+haproxy_hosts:
+  <<: *x-infra-hosts
+
+##
+## OpenStack
+##
+identity_hosts:
+  <<: *x-infra-hosts
+storage-infra_hosts:
+  <<: *x-infra-hosts
+image_hosts:
+  <<: *x-infra-hosts
+placement-infra_hosts:
+  <<: *x-infra-hosts
+compute-infra_hosts:
+  <<: *x-infra-hosts
+orchestration_hosts:
+  <<: *x-infra-hosts
+dashboard_hosts:
+  <<: *x-infra-hosts
+network_hosts:
+  <<: *x-infra-hosts
+compute_hosts:
+  <<: *x-compute-hosts
+storage_hosts:
+  <<: *x-infra-hosts

ansible/playbooks/files/user_graylog.yml

@@ -0,0 +1,15 @@
+graylog_password_secret: "%QGWQASqrneb&qNpkSHp2bnis7hdw$jG2XcP5n9tDX@wpN2XA2*wskunfzA@6MDWpEbpT7Qsc#KFS26KR4n$XiCR7m$43^*v"
+graylog_root_username: "admin"
+graylog_root_password_sha2: "665903cabea02680f8b71807b7c2e1a1698507f71654316fadba6966948a002c" # The output of `echo -n yourpassword | shasum -a 256`
+haproxy_extra_services:
+  - service:
+      haproxy_service_name: graylog
+      haproxy_backend_nodes: "{{ [groups['graylog_hosts'][0]] | default([]) }}"
+      haproxy_ssl: "{{ haproxy_ssl }}"
+      haproxy_port: 9000
+      haproxy_balance_type: http
+      haproxy_backend_arguments:
+        - "http-request set-header X-Graylog-Server-URL https://{{ external_lb_vip_address }}:9000"
+
+graylog_targets:
+  - "{{ groups['graylog_hosts'][0] }}:12201"

ansible/playbooks/tasks/infra-host.yml

@@ -35,17 +35,16 @@
         creates: /etc/openstack_deploy/user_secrets.yml.tar
   when: aio_install is undefined | default(false)
 
-- import_tasks: tasks/python3-lxc.yml
+    #- import_tasks: tasks/python3-lxc.yml
 
-- name:
-  copy:
-    content: ""
-    dest: /usr/share/lxc/config/rockylinux.common.conf
-    mode: '0644'
-    owner: root
-    group: root
-
-  tags: python3-lxc
+    #- name:
+    #  copy:
+    #    content: ""
+    #    dest: /usr/share/lxc/config/rockylinux.common.conf
+    #    mode: '0644'
+    #    owner: root
+    #    group: root
+    #  tags: python3-lxc
 
 - name: "[AIO] Deploy and setup configuration / bootstrap"
   when: aio_install | default('false') | bool

ansible/playbooks/tasks/init-nodes.yml

@@ -97,12 +97,6 @@
         version: 'master'
       tags: repos
 
-    - name: fetch patch
-      ansible.builtin.shell: 'git fetch https://review.opendev.org/openstack/openstack-ansible refs/changes/73/823573/8 && git checkout FETCH_HEAD'
-      args:
-        chdir: /opt/openstack-ansible/
-
-
     - name: Create ssh key for root
       ansible.builtin.user:
         name: root

ansible/playbooks/tasks/upload_image.yml

@@ -0,0 +1,18 @@
+---
+- name: "[Upload Image] Download image - {{ item.filename }}"
+  ansible.builtin.get_url:
+    url: "{{ item.filename }}"
+    dest: "/tmp/{{ item.filename | checksum }}"
+
+- name: Upload image to openstack
+  openstack.cloud.image:
+    cloud: linuxadminbooks
+    state: present
+    is_public: yes
+    name: "{{ item.name }}"
+    container_format: "{{ item.containerformat | default('bare') }}" #bare
+    disk_format: "{{ item.diskformat | default('qcow2') }}" # qcow2
+    filename: "/tmp/{{ item.filename | checksum }}"
+    tags:
+      - custom
+    properties: "{{ item.properties }}"

ansible/roles/requirements.yml

@@ -5,3 +5,4 @@ collections:
   - name: ansible.posix
   - name: ansible.utils
   - name: netbox.netbox
+  - name: openstack.cloud

ansible/scripts/clouds.py

@@ -0,0 +1,24 @@
+#!/usr/bin/python3
+
+"""
+Adapted From http://adam.younglogic.com/2022/03/generating-a-clouds-yaml-file/ - collected 2022-04-07
+"""
+import os, yaml
+
+clouds = {
+   "clouds":{
+        "linuxadminbooks": {
+            "auth" : {
+                "auth_url" : os.environ["OS_AUTH_URL"],
+                "project_name": os.environ["OS_PROJECT_NAME"],
+                "project_domain_name": os.environ["OS_PROJECT_DOMAIN_NAME"],
+                "username": os.environ["OS_USERNAME"],
+                "user_domain_name": os.environ["OS_USER_DOMAIN_NAME"],
+                "password": os.environ["OS_PASSWORD"]
+            }
+        }
+    }
+}
+
+
+print(yaml.dumps(clouds))