move compute rules to roles
This commit is contained in:
parent
b11b5959fb
commit
c567c06a06
2 changed files with 108 additions and 105 deletions
|
@ -21,117 +21,13 @@
|
||||||
- fas_client
|
- fas_client
|
||||||
- collectd/base
|
- collectd/base
|
||||||
- sudo
|
- sudo
|
||||||
|
- cloud_compute
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- include: "{{ tasks }}/yumrepos.yml"
|
- include: "{{ tasks }}/yumrepos.yml"
|
||||||
- include: "{{ tasks }}/2fa_client.yml"
|
- include: "{{ tasks }}/2fa_client.yml"
|
||||||
- include: "{{ tasks }}/motd.yml"
|
- include: "{{ tasks }}/motd.yml"
|
||||||
|
|
||||||
- authorized_key: user=root key="{{ lookup('file', files + '/fedora-cloud/fed09-ssh-key.pub') }}"
|
|
||||||
|
|
||||||
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^ONBOOT=" line="ONBOOT=yes"
|
|
||||||
notify:
|
|
||||||
- restart network
|
|
||||||
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^NETMASK=" line="NETMASK=255.255.255.0"
|
|
||||||
notify:
|
|
||||||
- restart network
|
|
||||||
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^IPADDR=" line="IPADDR={{compute_private_ip}}"
|
|
||||||
notify:
|
|
||||||
- restart network
|
|
||||||
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="BOOTPROTO=" line="BOOTPROTO=none"
|
|
||||||
notify:
|
|
||||||
- restart network
|
|
||||||
|
|
||||||
- yum: state=present name=http://rdo.fedorapeople.org/rdo-release.rpm
|
|
||||||
|
|
||||||
# http://docs.openstack.org/icehouse/install-guide/install/yum/content/nova-compute.html
|
|
||||||
- name: install the Compute packages necessary for the controller node.
|
|
||||||
action: yum state=present pkg={{ item }}
|
|
||||||
with_items:
|
|
||||||
- openstack-nova-compute
|
|
||||||
- python-novaclient
|
|
||||||
- openstack-utils
|
|
||||||
- name: Set up db connection to controller
|
|
||||||
action: command openstack-config --set /etc/nova/nova.conf database connection mysql://nova:{{NOVA_DBPASS}}@{{controller_private_ip}}/nova
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://{{controller_private_ip}}:5000
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host {{controller_private_ip}}
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password {{NOVA_PASS}}
|
|
||||||
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend qpid
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname {{controller_private_ip}}
|
|
||||||
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT my_ip {{compute_private_ip}}
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT vnc_enabled True
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 0.0.0.0
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address {{compute_private_ip}}
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT novncproxy_base_url http://{{controller_private_ip}}:6080/vnc_auto.html
|
|
||||||
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT glance_host {{controller_private_ip}}
|
|
||||||
|
|
||||||
- service: name=libvirtd state=started enabled=yes
|
|
||||||
- service: name=messagebus state=started enabled=yes
|
|
||||||
- service: name=openstack-nova-compute state=started enabled=yes
|
|
||||||
|
|
||||||
# http://docs.openstack.org/icehouse/install-guide/install/yum/content/neutron-ml2-compute-node.html
|
|
||||||
- sysctl: name=net.ipv4.conf.all.rp_filter value=0 state=present sysctl_set=yes reload=yes
|
|
||||||
- sysctl: name=net.ipv4.conf.default.rp_filter value=0 state=present sysctl_set=yes reload=yes
|
|
||||||
|
|
||||||
- name: install the Networking components
|
|
||||||
action: yum state=present pkg={{ item }}
|
|
||||||
with_items:
|
|
||||||
- openstack-neutron-ml2
|
|
||||||
- openstack-neutron-openvswitch
|
|
||||||
|
|
||||||
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
|
|
||||||
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://{{controller_private_ip}}:5000
|
|
||||||
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_host {{controller_private_ip}}
|
|
||||||
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_protocol http
|
|
||||||
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_port 35357
|
|
||||||
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_user neutron
|
|
||||||
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_tenant_name service
|
|
||||||
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_password {{NEUTRON_PASS}}
|
|
||||||
|
|
||||||
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend neutron.openstack.common.rpc.impl_qpid
|
|
||||||
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT qpid_hostname {{controller_private_ip}}
|
|
||||||
|
|
||||||
# uncomment if you want to debug compute instance
|
|
||||||
#- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT verbose True
|
|
||||||
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
|
|
||||||
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
|
|
||||||
|
|
||||||
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers local,flat,gre
|
|
||||||
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types gre
|
|
||||||
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch
|
|
||||||
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre tunnel_id_ranges 1:1000
|
|
||||||
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs local_ip {{compute_private_ip}}
|
|
||||||
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs tunnel_type gre
|
|
||||||
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs enable_tunneling True
|
|
||||||
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
|
|
||||||
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_security_group True
|
|
||||||
|
|
||||||
- service: name=openvswitch state=started enabled=yes
|
|
||||||
- command: ovs-vsctl --may-exist add-br br-int
|
|
||||||
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova.network.neutronv2.api.API
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_url http://{{controller_private_ip}}:9696
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_auth_strategy keystone
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_tenant_name service
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_username neutron
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_password {{NEUTRON_PASS}}
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_auth_url http://{{controller_private_ip}}:35357/v2.0
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
|
|
||||||
- command: openstack-config --set /etc/nova/nova.conf DEFAULT security_group_api neutron
|
|
||||||
|
|
||||||
- file: src=/etc/neutron/plugins/ml2/ml2_conf.ini dest=/etc/neutron/plugin.ini state=link
|
|
||||||
|
|
||||||
- service: name=neutron-openvswitch-agent state=started enabled=yes
|
|
||||||
|
|
||||||
handlers:
|
handlers:
|
||||||
- include: "{{ handlers }}/restart_services.yml"
|
- include: "{{ handlers }}/restart_services.yml"
|
||||||
- include: "{{ handlers }}/semanage.yml"
|
- include: "{{ handlers }}/semanage.yml"
|
||||||
|
|
107
roles/cloud_compute/tasks/main.yml
Normal file
107
roles/cloud_compute/tasks/main.yml
Normal file
|
@ -0,0 +1,107 @@
|
||||||
|
---
|
||||||
|
# Configure another compute node for Fedora Cloud
|
||||||
|
|
||||||
|
- authorized_key: user=root key="{{ lookup('file', files + '/fedora-cloud/fed09-ssh-key.pub') }}"
|
||||||
|
|
||||||
|
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^ONBOOT=" line="ONBOOT=yes"
|
||||||
|
notify:
|
||||||
|
- restart network
|
||||||
|
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^NETMASK=" line="NETMASK=255.255.255.0"
|
||||||
|
notify:
|
||||||
|
- restart network
|
||||||
|
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^IPADDR=" line="IPADDR={{compute_private_ip}}"
|
||||||
|
notify:
|
||||||
|
- restart network
|
||||||
|
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="BOOTPROTO=" line="BOOTPROTO=none"
|
||||||
|
notify:
|
||||||
|
- restart network
|
||||||
|
|
||||||
|
- yum: state=present name=http://rdo.fedorapeople.org/rdo-release.rpm
|
||||||
|
|
||||||
|
# http://docs.openstack.org/icehouse/install-guide/install/yum/content/nova-compute.html
|
||||||
|
- name: install the Compute packages necessary for the controller node.
|
||||||
|
action: yum state=present pkg={{ item }}
|
||||||
|
with_items:
|
||||||
|
- openstack-nova-compute
|
||||||
|
- python-novaclient
|
||||||
|
- openstack-utils
|
||||||
|
- name: Set up db connection to controller
|
||||||
|
action: command openstack-config --set /etc/nova/nova.conf database connection mysql://nova:{{NOVA_DBPASS}}@{{controller_private_ip}}/nova
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://{{controller_private_ip}}:5000
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host {{controller_private_ip}}
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password {{NOVA_PASS}}
|
||||||
|
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend qpid
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname {{controller_private_ip}}
|
||||||
|
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT my_ip {{compute_private_ip}}
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT vnc_enabled True
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 0.0.0.0
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address {{compute_private_ip}}
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT novncproxy_base_url http://{{controller_private_ip}}:6080/vnc_auto.html
|
||||||
|
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT glance_host {{controller_private_ip}}
|
||||||
|
|
||||||
|
- service: name=libvirtd state=started enabled=yes
|
||||||
|
- service: name=messagebus state=started enabled=yes
|
||||||
|
- service: name=openstack-nova-compute state=started enabled=yes
|
||||||
|
|
||||||
|
# http://docs.openstack.org/icehouse/install-guide/install/yum/content/neutron-ml2-compute-node.html
|
||||||
|
- sysctl: name=net.ipv4.conf.all.rp_filter value=0 state=present sysctl_set=yes reload=yes
|
||||||
|
- sysctl: name=net.ipv4.conf.default.rp_filter value=0 state=present sysctl_set=yes reload=yes
|
||||||
|
|
||||||
|
- name: install the Networking components
|
||||||
|
action: yum state=present pkg={{ item }}
|
||||||
|
with_items:
|
||||||
|
- openstack-neutron-ml2
|
||||||
|
- openstack-neutron-openvswitch
|
||||||
|
|
||||||
|
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
|
||||||
|
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://{{controller_private_ip}}:5000
|
||||||
|
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_host {{controller_private_ip}}
|
||||||
|
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_protocol http
|
||||||
|
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_port 35357
|
||||||
|
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_user neutron
|
||||||
|
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_tenant_name service
|
||||||
|
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_password {{NEUTRON_PASS}}
|
||||||
|
|
||||||
|
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend neutron.openstack.common.rpc.impl_qpid
|
||||||
|
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT qpid_hostname {{controller_private_ip}}
|
||||||
|
|
||||||
|
# uncomment if you want to debug compute instance
|
||||||
|
#- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT verbose True
|
||||||
|
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
|
||||||
|
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
|
||||||
|
|
||||||
|
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers local,flat,gre
|
||||||
|
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types gre
|
||||||
|
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch
|
||||||
|
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre tunnel_id_ranges 1:1000
|
||||||
|
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs local_ip {{compute_private_ip}}
|
||||||
|
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs tunnel_type gre
|
||||||
|
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs enable_tunneling True
|
||||||
|
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
|
||||||
|
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_security_group True
|
||||||
|
|
||||||
|
- service: name=openvswitch state=started enabled=yes
|
||||||
|
- command: ovs-vsctl --may-exist add-br br-int
|
||||||
|
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova.network.neutronv2.api.API
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_url http://{{controller_private_ip}}:9696
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_auth_strategy keystone
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_tenant_name service
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_username neutron
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_password {{NEUTRON_PASS}}
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_auth_url http://{{controller_private_ip}}:35357/v2.0
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
|
||||||
|
- command: openstack-config --set /etc/nova/nova.conf DEFAULT security_group_api neutron
|
||||||
|
|
||||||
|
- file: src=/etc/neutron/plugins/ml2/ml2_conf.ini dest=/etc/neutron/plugin.ini state=link
|
||||||
|
|
||||||
|
- service: name=neutron-openvswitch-agent state=started enabled=yes
|
Loading…
Add table
Add a link
Reference in a new issue