| commit | author | age | ||
| d154d4 | 1 | --- |
| GC | 2 | - hosts: localhost |
| 3 | gather_facts: false | |
| 4 | vars: | |
| 5 | api_user: "{{ guid }}" | |
| 6 | tasks: | |
| 7 | - set_fact: | |
| 8 | api_pass: "{{ lookup('password', '/dev/null length=20 chars=ascii_letters') }}" | |
| 9 | ||
| 688487 | 10 | - import_tasks: pull_repo.yml |
| GC | 11 | |
| d154d4 | 12 | - name: Check if project exists |
| GC | 13 | environment: |
| 14 | OS_AUTH_URL: "{{ osp_auth_url }}" | |
| 15 | OS_USERNAME: "{{ osp_auth_username }}" | |
| 16 | OS_PASSWORD: "{{ osp_auth_password }}" | |
| 17 | OS_PROJECT_NAME: "admin" | |
| 18 | OS_PROJECT_DOMAIN_ID: "{{ osp_auth_project_domain }}" | |
| 19 | OS_USER_DOMAIN_NAME: "{{ osp_auth_user_domain }}" | |
| 20 | os_project_info: | |
| 21 | name: "{{ osp_project_name }}" | |
| 22 | register: project_exists | |
| 23 | ||
| 24 | - fail: | |
| 25 | msg: Project exists, can't continue | |
| 26 | when: project_exists.openstack_projects | |
| 27 | ||
| 28 | - name: Create project and assign permission | |
| 29 | register: stack_admin_output | |
| 30 | environment: | |
| 31 | OS_AUTH_URL: "{{ osp_auth_url }}" | |
| 32 | OS_USERNAME: "{{ osp_auth_username }}" | |
| 33 | OS_PASSWORD: "{{ osp_auth_password }}" | |
| 34 | OS_PROJECT_NAME: "admin" | |
| 35 | OS_PROJECT_DOMAIN_ID: "{{ osp_auth_project_domain }}" | |
| 36 | OS_USER_DOMAIN_NAME: "{{ osp_auth_user_domain }}" | |
| 37 | os_stack: | |
| 38 | name: "create-project-{{osp_project_name}}" | |
| 688487 | 39 | template: "{{ output_dir }}/imported-templates/heat-templates/{{ project }}/stack_admin.yaml" |
| d154d4 | 40 | parameters: |
| GC | 41 | project_name: "{{ osp_project_name }}" |
| 42 | project_guid: "{{ guid }}" | |
| 43 | project_description: "created:{{ ansible_date_time.epoch }}" | |
| 44 | project_api_user: "{{ guid }}" | |
| 45 | project_api_pass: "{{ api_pass }}" | |
| 46 | blueprint: "{{ project }}" | |
| 47 | ||
| 48 | # when deleting we need to be able to authenticate using that project | |
| 49 | - name: Grant access to admin account to the new project | |
| 50 | environment: | |
| 51 | OS_AUTH_URL: "{{ osp_auth_url }}" | |
| 52 | OS_USERNAME: "{{ osp_auth_username }}" | |
| 53 | OS_PASSWORD: "{{ osp_auth_password }}" | |
| 54 | OS_PROJECT_NAME: "admin" | |
| 55 | OS_PROJECT_DOMAIN_ID: "{{ osp_auth_project_domain }}" | |
| 56 | OS_USER_DOMAIN_NAME: "{{ osp_auth_user_domain }}" | |
| 57 | os_user_role: | |
| 58 | state: present | |
| 59 | user: "{{ osp_auth_username }}" | |
| 60 | role: "admin" | |
| 61 | project: "{{ osp_project_name }}" | |
| 62 | ||
| 63 | - name: Create objects inside the project | |
| 64 | register: stack_user_output | |
| 65 | environment: | |
| 66 | OS_AUTH_URL: "{{ osp_auth_url }}" | |
| 67 | OS_USERNAME: "{{ guid }}" | |
| 68 | OS_PASSWORD: "{{ api_pass }}" | |
| 69 | OS_PROJECT_NAME: "{{ osp_project_name }}" | |
| 70 | OS_PROJECT_DOMAIN_ID: "{{ osp_auth_project_domain }}" | |
| 71 | OS_USER_DOMAIN_NAME: "{{ osp_auth_user_domain }}" | |
| 72 | os_stack: | |
| 73 | name: "create-objects-{{osp_project_name}}" | |
| 688487 | 74 | template: "{{ output_dir }}/imported-templates/heat-templates/{{ project }}/stack_user.yaml" |
| d154d4 | 75 | parameters: |
| GC | 76 | project_name: "{{ osp_project_name }}" |
| 77 | public_net_id: "{{ external_network }}" | |
| 78 | api_url: "{{ osp_auth_url }}" | |
| 79 | api_user: "{{ guid }}" | |
| 80 | api_pass: "{{ api_pass }}" | |
| 81 | project_guid: "{{ guid }}" | |
| 82 | ||
| 83 | - name: Save infra_key content | |
| 84 | set_fact: | |
| 85 | infra_private_key_content: "{{ stack_user_output | json_query(query) }}" | |
| 86 | vars: | |
| 87 | query: "stack.outputs[?@.output_key=='openstack_project_infra_key'].output_value|[0]" | |
| 88 | ||
| 89 | - name: Set infra_ssh_key path | |
| 90 | set_fact: | |
| 91 | infra_ssh_key: "{{ output_dir}}/{{ guid }}_infra_ssh_key.pem" | |
| 92 | ||
| 93 | - name: Copy infra_key content to output_dir | |
| 94 | copy: | |
| 95 | dest: "{{ infra_ssh_key }}" | |
| 96 | content: "{{ infra_private_key_content }}" | |
| 97 | mode: 0600 | |
| 98 | ||
| 99 | - debug: | |
| 100 | var: stack_user_output | |
| 101 | verbosity: 2 | |
| 102 | ||
| 103 | - name: Gather instance facts | |
| 104 | environment: | |
| 105 | OS_AUTH_URL: "{{ osp_auth_url }}" | |
| 106 | OS_USERNAME: "{{ guid }}" | |
| 107 | OS_PASSWORD: "{{ api_pass }}" | |
| 108 | OS_PROJECT_NAME: "{{ osp_project_name }}" | |
| 109 | OS_PROJECT_DOMAIN_ID: "{{ osp_auth_project_domain }}" | |
| 110 | OS_USER_DOMAIN_NAME: "{{ osp_auth_user_domain }}" | |
| 111 | os_server_facts: | |
| 112 | server: "*" | |
| 113 | filters: | |
| 114 | metadata: | |
| 115 | guid: "{{ guid }}" | |
| 116 | register: r_osp_facts | |
| 117 | ||
| 118 | - loop: "{{ r_osp_facts.ansible_facts.openstack_servers }}" | |
| 119 | loop_control: | |
| 120 | loop_var: _server | |
| 121 | ||
| 122 | environment: | |
| 123 | OS_AUTH_URL: "{{ osp_auth_url }}" | |
| 124 | OS_USERNAME: "{{ guid }}" | |
| 125 | OS_PASSWORD: "{{ api_pass }}" | |
| 126 | OS_PROJECT_NAME: "{{ osp_project_name }}" | |
| 127 | OS_PROJECT_DOMAIN_ID: "{{ osp_auth_project_domain }}" | |
| 128 | OS_USER_DOMAIN_NAME: "{{ osp_auth_user_domain }}" | |
| 129 | ||
| 130 | os_server_metadata: | |
| 131 | name: "{{ _server.name }}" | |
| 132 | meta: | |
| 133 | env_type: "{{ env_type }}" | |
| 134 | ||
| 135 | - name: debug osp_facts | |
| 136 | debug: | |
| 137 | var: r_osp_facts | |
| 138 | ||
| 139 | - name: Iterate over all instances and create DNS entries | |
| 140 | loop: "{{ r_osp_facts.ansible_facts.openstack_servers }}" | |
| 141 | loop_control: | |
| 142 | loop_var: _instance | |
| 143 | when: _instance.public_v4 | default('') != '' | |
| 144 | vars: | |
| 145 | _infra_osp_dns_default_ttl: 300 | |
| 146 | _dns_state: present | |
| 147 | ||
| 148 | include_tasks: instance_loop.yml | |
| 149 | ||
| 150 | # Run common OSP create-inventory but don't use server.name. | |
| 151 | # Use server.metadata.hostname instead | |
| 152 | - name: Run infra-osp-create-inventory Role | |
| 153 | include_role: | |
| 154 | name: infra-osp-create-inventory | |
| 155 | vars: | |
| 156 | _name_selector: 'metadata.hostname' | |
| 157 | ||
| 158 | - name: Run Common SSH Config Generator Role | |
| 159 | import_role: | |
| 160 | name: infra-common-ssh-config-generate | |
| 161 | ||
| 162 | # include global vars again, this time for all hosts now that the inventory is built | |
| 163 | - import_playbook: ../../include_vars.yml | |
| 164 | tags: | |
| 165 | - create_inventory | |
| 166 | - must | |
| 167 | ||
| 168 | - name: Step 001.3 Configure Linux Hosts and Wait for Connection | |
| 169 | hosts: | |
| 170 | # For now, only bastion is necessary | |
| 171 | - bastions:!windows:!network | |
| 172 | gather_facts: false | |
| 173 | any_errors_fatal: true | |
| 174 | ignore_errors: false | |
| 175 | tags: | |
| 176 | - step001 | |
| 177 | - step001.3 | |
| 178 | - wait_ssh | |
| 179 | tasks: | |
| 180 | - name: set facts for remote access | |
| 181 | tags: | |
| 182 | - create_inventory | |
| 183 | set_fact: | |
| 184 | # set python interpreter: Useful when the distrib running ansible has a different path | |
| 185 | # ex: when running using the alpine image | |
| 186 | #ansible_python_interpreter: env python | |
| 187 | ansible_ssh_common_args: >- | |
| 188 | {{ ansible_ssh_extra_args|d() }} | |
| 189 | -F {{ output_dir }}/{{ env_type }}_{{ guid }}_ssh_conf | |
| 190 | -o ControlPath=/tmp/{{ guid }}-%r-%h-%p | |
| 191 | ||
| 192 | - name: Run infra-osp-wait_for_linux_hosts Role | |
| 193 | import_role: | |
| 194 | name: infra-osp-wait_for_linux_hosts | |
