Compare commits
2 Commits
2968e83f5b
...
f35776479e
Author | SHA1 | Date | |
---|---|---|---|
|
f35776479e | ||
|
4f0bb1f4af |
65
ansible/playbooks/bootstrap-cloud.yml
Normal file
65
ansible/playbooks/bootstrap-cloud.yml
Normal file
@ -0,0 +1,65 @@
|
|||||||
|
---
|
||||||
|
- name: Bootstrap our cloud with stuff
|
||||||
|
hosts: "{{ host | default('infra1') }}" # Go on infra host by default
|
||||||
|
become: true
|
||||||
|
|
||||||
|
handlers:
|
||||||
|
- import_tasks: handlers/main.yml
|
||||||
|
|
||||||
|
pre_tasks:
|
||||||
|
- name: Check if ansible cannot be run here
|
||||||
|
stat:
|
||||||
|
path: /etc/no-ansible
|
||||||
|
register: no_ansible
|
||||||
|
|
||||||
|
- name: Verify if we can run ansible
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- "not no_ansible.stat.exists"
|
||||||
|
success_msg: "We are able to run on this node"
|
||||||
|
fail_msg: "/etc/no-ansible exists - skipping run on this node"
|
||||||
|
|
||||||
|
- name: Loading Variables from OS Common
|
||||||
|
import_tasks: tasks/common_vars.yml
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
- name: setup flavors
|
||||||
|
openstack.cloud.compute_flavor:
|
||||||
|
cloud: linuxadminbooks
|
||||||
|
state: present
|
||||||
|
name: "{{ item.name }}"
|
||||||
|
ram: "{{ item.ram }}"
|
||||||
|
vcpus: "{{ item.vcpus }}"
|
||||||
|
disk: "{{ item.disk }}"
|
||||||
|
ephemeral: "{{ item.ephemeral }}"
|
||||||
|
is_public: yes
|
||||||
|
tags: flavors
|
||||||
|
# yamllint disable rule:braces
|
||||||
|
loop:
|
||||||
|
- { name: 'tiny', ram: 1024, vcpus: 1, disk: 10, ephemeral: 10 }
|
||||||
|
- { name: 'small', ram: 2048, vcpus: 1, disk: 20, ephemeral: 20 }
|
||||||
|
- { name: 'medium', ram: 4096, vcpus: 2, disk: 20, ephemeral: 40 }
|
||||||
|
- { name: 'large', ram: 8192, vcpus: 4, disk: 20, ephemeral: 80 }
|
||||||
|
- { name: 'xlarge', ram: 16384, vcpus: 8, disk: 20, ephemeral: 100 }
|
||||||
|
# yamllint enable rule:braces
|
||||||
|
|
||||||
|
- name: setup images
|
||||||
|
include_tasks: tasks/upload_image.yml
|
||||||
|
tags: images
|
||||||
|
args:
|
||||||
|
apply:
|
||||||
|
tags: images
|
||||||
|
# yamllint disable rule:braces
|
||||||
|
loop:
|
||||||
|
- { name: 'cirros', filename: 'http://download.cirros-cloud.net/0.5.1/cirros-0.5.1-x86_64-disk.img', properties: {cpu_arch: x86_64, distro: cirros}}
|
||||||
|
- { name: 'rockylinux85', filename: 'https://dl.rockylinux.org/pub/rocky/8/images/Rocky-8-GenericCloud-8.5-20211114.2.x86_64.qcow2', properties: {cpu_arch: x86_64, distro: rocky}}
|
||||||
|
# yamllint enable rule:braces
|
||||||
|
|
||||||
|
post_tasks:
|
||||||
|
- name: Touching run file that ansible has ran here
|
||||||
|
file:
|
||||||
|
path: /var/log/ansible.run
|
||||||
|
state: touch
|
||||||
|
mode: '0644'
|
||||||
|
owner: root
|
||||||
|
group: root
|
@ -37,15 +37,6 @@ global_overrides:
|
|||||||
net_name: "vxlan"
|
net_name: "vxlan"
|
||||||
group_binds:
|
group_binds:
|
||||||
- neutron_linuxbridge_agent
|
- neutron_linuxbridge_agent
|
||||||
# - network:
|
|
||||||
# container_bridge: "br-vlan"
|
|
||||||
# container_type: "veth"
|
|
||||||
# container_interface: "eth12"
|
|
||||||
# host_bind_override: "eth12"
|
|
||||||
# type: "flat"
|
|
||||||
# net_name: "flat"
|
|
||||||
# group_binds:
|
|
||||||
# - neutron_linuxbridge_agent
|
|
||||||
- network:
|
- network:
|
||||||
container_bridge: "br-storage"
|
container_bridge: "br-storage"
|
||||||
container_type: "veth"
|
container_type: "veth"
|
||||||
@ -71,14 +62,6 @@ x-storage-hosts: &x-storage-hosts
|
|||||||
container_vars:
|
container_vars:
|
||||||
cinder_backends:
|
cinder_backends:
|
||||||
limit_container_types: cinder_volume
|
limit_container_types: cinder_volume
|
||||||
#nfs_volume:
|
|
||||||
# volume_backend_name: NFS_VOLUME1
|
|
||||||
# volume_driver: cinder.volume.drivers.nfs.NfsDriver
|
|
||||||
# nfs_mount_options: "rsize=65535,wsize=65535,timeo=1200,actimeo=120"
|
|
||||||
# nfs_shares_config: /etc/cinder/nfs_shares
|
|
||||||
# shares:
|
|
||||||
# - ip: "172.29.228.7"
|
|
||||||
# share: "/vol/cinder"
|
|
||||||
lvm:
|
lvm:
|
||||||
volume_group: cinder-volumes
|
volume_group: cinder-volumes
|
||||||
volume_driver: cinder.volume.drivers.lvm.LVMVolumeDriver
|
volume_driver: cinder.volume.drivers.lvm.LVMVolumeDriver
|
||||||
@ -94,6 +77,7 @@ repo-infra_hosts:
|
|||||||
<<: *x-infra-hosts
|
<<: *x-infra-hosts
|
||||||
haproxy_hosts:
|
haproxy_hosts:
|
||||||
<<: *x-infra-hosts
|
<<: *x-infra-hosts
|
||||||
|
|
||||||
##
|
##
|
||||||
## OpenStack
|
## OpenStack
|
||||||
##
|
##
|
||||||
|
109
ansible/playbooks/files/openstack_user_config.yml.ceph
Normal file
109
ansible/playbooks/files/openstack_user_config.yml.ceph
Normal file
@ -0,0 +1,109 @@
|
|||||||
|
---
|
||||||
|
cidr_networks:
|
||||||
|
container: 172.29.220.0/22
|
||||||
|
tunnel: 172.29.224.0/22
|
||||||
|
storage: 172.29.228.0/22
|
||||||
|
|
||||||
|
used_ips:
|
||||||
|
- "172.29.220.1,172.29.220.50"
|
||||||
|
- "172.29.224.1,172.29.224.50"
|
||||||
|
- "172.29.228.1,172.29.228.50"
|
||||||
|
|
||||||
|
|
||||||
|
global_overrides:
|
||||||
|
# The internal and external VIP should be different IPs, however they
|
||||||
|
# do not need to be on separate networks.
|
||||||
|
external_lb_vip_address: 172.29.220.10
|
||||||
|
internal_lb_vip_address: 172.29.220.11
|
||||||
|
management_bridge: "br-mgmt"
|
||||||
|
provider_networks:
|
||||||
|
- network:
|
||||||
|
container_bridge: "br-mgmt"
|
||||||
|
container_type: "veth"
|
||||||
|
container_interface: "eth1"
|
||||||
|
ip_from_q: "container"
|
||||||
|
type: "raw"
|
||||||
|
group_binds:
|
||||||
|
- all_containers
|
||||||
|
- hosts
|
||||||
|
is_container_address: true
|
||||||
|
- network:
|
||||||
|
container_bridge: "br-vxlan"
|
||||||
|
container_type: "veth"
|
||||||
|
container_interface: "eth10"
|
||||||
|
ip_from_q: "tunnel"
|
||||||
|
type: "vxlan"
|
||||||
|
range: "1:1000"
|
||||||
|
net_name: "vxlan"
|
||||||
|
group_binds:
|
||||||
|
- neutron_linuxbridge_agent
|
||||||
|
- network:
|
||||||
|
container_bridge: "br-storage"
|
||||||
|
container_type: "veth"
|
||||||
|
container_interface: "eth2"
|
||||||
|
ip_from_q: "storage"
|
||||||
|
type: "raw"
|
||||||
|
group_binds:
|
||||||
|
- glance_api
|
||||||
|
- cinder_api
|
||||||
|
- cinder_volume
|
||||||
|
- nova_compute
|
||||||
|
|
||||||
|
|
||||||
|
x-infra-hosts: &x-infra-hosts
|
||||||
|
infra1:
|
||||||
|
ip: 172.29.220.5
|
||||||
|
x-compute-hosts: &x-compute-hosts
|
||||||
|
compute1:
|
||||||
|
ip: 172.29.220.6
|
||||||
|
x-storage-hosts: &x-storage-hosts
|
||||||
|
storage1:
|
||||||
|
ip: 172.29.220.7
|
||||||
|
storage2:
|
||||||
|
ip: 172.29.220.8
|
||||||
|
storage3:
|
||||||
|
ip: 172.29.220.9
|
||||||
|
|
||||||
|
##
|
||||||
|
## Ceph
|
||||||
|
##
|
||||||
|
ceph-mon_hosts:
|
||||||
|
<<: *x-storage-hosts
|
||||||
|
ceph-osd_hosts:
|
||||||
|
<<: *x-storage-hosts
|
||||||
|
ceph-rgw_hosts:
|
||||||
|
<<: *x-storage-hosts
|
||||||
|
|
||||||
|
##
|
||||||
|
## Infrastructure
|
||||||
|
##
|
||||||
|
shared-infra_hosts:
|
||||||
|
<<: *x-infra-hosts
|
||||||
|
repo-infra_hosts:
|
||||||
|
<<: *x-infra-hosts
|
||||||
|
haproxy_hosts:
|
||||||
|
<<: *x-infra-hosts
|
||||||
|
|
||||||
|
##
|
||||||
|
## OpenStack
|
||||||
|
##
|
||||||
|
identity_hosts:
|
||||||
|
<<: *x-infra-hosts
|
||||||
|
storage-infra_hosts:
|
||||||
|
<<: *x-infra-hosts
|
||||||
|
image_hosts:
|
||||||
|
<<: *x-infra-hosts
|
||||||
|
placement-infra_hosts:
|
||||||
|
<<: *x-infra-hosts
|
||||||
|
compute-infra_hosts:
|
||||||
|
<<: *x-infra-hosts
|
||||||
|
orchestration_hosts:
|
||||||
|
<<: *x-infra-hosts
|
||||||
|
dashboard_hosts:
|
||||||
|
<<: *x-infra-hosts
|
||||||
|
network_hosts:
|
||||||
|
<<: *x-infra-hosts
|
||||||
|
compute_hosts:
|
||||||
|
<<: *x-compute-hosts
|
||||||
|
storage_hosts:
|
||||||
|
<<: *x-infra-hosts
|
15
ansible/playbooks/files/user_graylog.yml
Normal file
15
ansible/playbooks/files/user_graylog.yml
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
graylog_password_secret: "%QGWQASqrneb&qNpkSHp2bnis7hdw$jG2XcP5n9tDX@wpN2XA2*wskunfzA@6MDWpEbpT7Qsc#KFS26KR4n$XiCR7m$43^*v"
|
||||||
|
graylog_root_username: "admin"
|
||||||
|
graylog_root_password_sha2: "665903cabea02680f8b71807b7c2e1a1698507f71654316fadba6966948a002c" # The output of `echo -n yourpassword | shasum -a 256`
|
||||||
|
haproxy_extra_services:
|
||||||
|
- service:
|
||||||
|
haproxy_service_name: graylog
|
||||||
|
haproxy_backend_nodes: "{{ [groups['graylog_hosts'][0]] | default([]) }}"
|
||||||
|
haproxy_ssl: "{{ haproxy_ssl }}"
|
||||||
|
haproxy_port: 9000
|
||||||
|
haproxy_balance_type: http
|
||||||
|
haproxy_backend_arguments:
|
||||||
|
- "http-request set-header X-Graylog-Server-URL https://{{ external_lb_vip_address }}:9000"
|
||||||
|
|
||||||
|
graylog_targets:
|
||||||
|
- "{{ groups['graylog_hosts'][0] }}:12201"
|
@ -35,17 +35,16 @@
|
|||||||
creates: /etc/openstack_deploy/user_secrets.yml.tar
|
creates: /etc/openstack_deploy/user_secrets.yml.tar
|
||||||
when: aio_install is undefined | default(false)
|
when: aio_install is undefined | default(false)
|
||||||
|
|
||||||
- import_tasks: tasks/python3-lxc.yml
|
#- import_tasks: tasks/python3-lxc.yml
|
||||||
|
|
||||||
- name:
|
#- name:
|
||||||
copy:
|
# copy:
|
||||||
content: ""
|
# content: ""
|
||||||
dest: /usr/share/lxc/config/rockylinux.common.conf
|
# dest: /usr/share/lxc/config/rockylinux.common.conf
|
||||||
mode: '0644'
|
# mode: '0644'
|
||||||
owner: root
|
# owner: root
|
||||||
group: root
|
# group: root
|
||||||
|
# tags: python3-lxc
|
||||||
tags: python3-lxc
|
|
||||||
|
|
||||||
- name: "[AIO] Deploy and setup configuration / bootstrap"
|
- name: "[AIO] Deploy and setup configuration / bootstrap"
|
||||||
when: aio_install | default('false') | bool
|
when: aio_install | default('false') | bool
|
||||||
|
@ -97,12 +97,6 @@
|
|||||||
version: 'master'
|
version: 'master'
|
||||||
tags: repos
|
tags: repos
|
||||||
|
|
||||||
- name: fetch patch
|
|
||||||
ansible.builtin.shell: 'git fetch https://review.opendev.org/openstack/openstack-ansible refs/changes/73/823573/8 && git checkout FETCH_HEAD'
|
|
||||||
args:
|
|
||||||
chdir: /opt/openstack-ansible/
|
|
||||||
|
|
||||||
|
|
||||||
- name: Create ssh key for root
|
- name: Create ssh key for root
|
||||||
ansible.builtin.user:
|
ansible.builtin.user:
|
||||||
name: root
|
name: root
|
||||||
|
18
ansible/playbooks/tasks/upload_image.yml
Normal file
18
ansible/playbooks/tasks/upload_image.yml
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
---
|
||||||
|
- name: "[Upload Image] Download image - {{ item.filename }}"
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: "{{ item.filename }}"
|
||||||
|
dest: "/tmp/{{ item.filename | checksum }}"
|
||||||
|
|
||||||
|
- name: Upload image to openstack
|
||||||
|
openstack.cloud.image:
|
||||||
|
cloud: linuxadminbooks
|
||||||
|
state: present
|
||||||
|
is_public: yes
|
||||||
|
name: "{{ item.name }}"
|
||||||
|
container_format: "{{ item.containerformat | default('bare') }}" #bare
|
||||||
|
disk_format: "{{ item.diskformat | default('qcow2') }}" # qcow2
|
||||||
|
filename: "/tmp/{{ item.filename | checksum }}"
|
||||||
|
tags:
|
||||||
|
- custom
|
||||||
|
properties: "{{ item.properties }}"
|
@ -5,3 +5,4 @@ collections:
|
|||||||
- name: ansible.posix
|
- name: ansible.posix
|
||||||
- name: ansible.utils
|
- name: ansible.utils
|
||||||
- name: netbox.netbox
|
- name: netbox.netbox
|
||||||
|
- name: openstack.cloud
|
||||||
|
24
ansible/scripts/clouds.py
Normal file
24
ansible/scripts/clouds.py
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
#!/usr/bin/python3
|
||||||
|
|
||||||
|
"""
|
||||||
|
Adapted From http://adam.younglogic.com/2022/03/generating-a-clouds-yaml-file/ - collected 2022-04-07
|
||||||
|
"""
|
||||||
|
import os, yaml
|
||||||
|
|
||||||
|
clouds = {
|
||||||
|
"clouds":{
|
||||||
|
"linuxadminbooks": {
|
||||||
|
"auth" : {
|
||||||
|
"auth_url" : os.environ["OS_AUTH_URL"],
|
||||||
|
"project_name": os.environ["OS_PROJECT_NAME"],
|
||||||
|
"project_domain_name": os.environ["OS_PROJECT_DOMAIN_NAME"],
|
||||||
|
"username": os.environ["OS_USERNAME"],
|
||||||
|
"user_domain_name": os.environ["OS_USER_DOMAIN_NAME"],
|
||||||
|
"password": os.environ["OS_PASSWORD"]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
print(yaml.dumps(clouds))
|
Loading…
Reference in New Issue
Block a user