move compute rules to roles

This commit is contained in:
Miroslav Suchý 2014-09-24 13:44:46 +00:00
parent b11b5959fb
commit c567c06a06
2 changed files with 108 additions and 105 deletions

View file

@ -21,117 +21,13 @@
- fas_client - fas_client
- collectd/base - collectd/base
- sudo - sudo
- cloud_compute
tasks: tasks:
- include: "{{ tasks }}/yumrepos.yml" - include: "{{ tasks }}/yumrepos.yml"
- include: "{{ tasks }}/2fa_client.yml" - include: "{{ tasks }}/2fa_client.yml"
- include: "{{ tasks }}/motd.yml" - include: "{{ tasks }}/motd.yml"
- authorized_key: user=root key="{{ lookup('file', files + '/fedora-cloud/fed09-ssh-key.pub') }}"
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^ONBOOT=" line="ONBOOT=yes"
notify:
- restart network
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^NETMASK=" line="NETMASK=255.255.255.0"
notify:
- restart network
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^IPADDR=" line="IPADDR={{compute_private_ip}}"
notify:
- restart network
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="BOOTPROTO=" line="BOOTPROTO=none"
notify:
- restart network
- yum: state=present name=http://rdo.fedorapeople.org/rdo-release.rpm
# http://docs.openstack.org/icehouse/install-guide/install/yum/content/nova-compute.html
- name: install the Compute packages necessary for the controller node.
action: yum state=present pkg={{ item }}
with_items:
- openstack-nova-compute
- python-novaclient
- openstack-utils
- name: Set up db connection to controller
action: command openstack-config --set /etc/nova/nova.conf database connection mysql://nova:{{NOVA_DBPASS}}@{{controller_private_ip}}/nova
- command: openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://{{controller_private_ip}}:5000
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host {{controller_private_ip}}
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password {{NOVA_PASS}}
- command: openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend qpid
- command: openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname {{controller_private_ip}}
- command: openstack-config --set /etc/nova/nova.conf DEFAULT my_ip {{compute_private_ip}}
- command: openstack-config --set /etc/nova/nova.conf DEFAULT vnc_enabled True
- command: openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 0.0.0.0
- command: openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address {{compute_private_ip}}
- command: openstack-config --set /etc/nova/nova.conf DEFAULT novncproxy_base_url http://{{controller_private_ip}}:6080/vnc_auto.html
- command: openstack-config --set /etc/nova/nova.conf DEFAULT glance_host {{controller_private_ip}}
- service: name=libvirtd state=started enabled=yes
- service: name=messagebus state=started enabled=yes
- service: name=openstack-nova-compute state=started enabled=yes
# http://docs.openstack.org/icehouse/install-guide/install/yum/content/neutron-ml2-compute-node.html
- sysctl: name=net.ipv4.conf.all.rp_filter value=0 state=present sysctl_set=yes reload=yes
- sysctl: name=net.ipv4.conf.default.rp_filter value=0 state=present sysctl_set=yes reload=yes
- name: install the Networking components
action: yum state=present pkg={{ item }}
with_items:
- openstack-neutron-ml2
- openstack-neutron-openvswitch
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://{{controller_private_ip}}:5000
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_host {{controller_private_ip}}
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_protocol http
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_port 35357
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_user neutron
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_tenant_name service
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_password {{NEUTRON_PASS}}
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend neutron.openstack.common.rpc.impl_qpid
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT qpid_hostname {{controller_private_ip}}
# uncomment if you want to debug compute instance
#- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT verbose True
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers local,flat,gre
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types gre
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre tunnel_id_ranges 1:1000
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs local_ip {{compute_private_ip}}
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs tunnel_type gre
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs enable_tunneling True
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_security_group True
- service: name=openvswitch state=started enabled=yes
- command: ovs-vsctl --may-exist add-br br-int
- command: openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova.network.neutronv2.api.API
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_url http://{{controller_private_ip}}:9696
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_auth_strategy keystone
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_tenant_name service
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_username neutron
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_password {{NEUTRON_PASS}}
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_auth_url http://{{controller_private_ip}}:35357/v2.0
- command: openstack-config --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
- command: openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
- command: openstack-config --set /etc/nova/nova.conf DEFAULT security_group_api neutron
- file: src=/etc/neutron/plugins/ml2/ml2_conf.ini dest=/etc/neutron/plugin.ini state=link
- service: name=neutron-openvswitch-agent state=started enabled=yes
handlers: handlers:
- include: "{{ handlers }}/restart_services.yml" - include: "{{ handlers }}/restart_services.yml"
- include: "{{ handlers }}/semanage.yml" - include: "{{ handlers }}/semanage.yml"

View file

@ -0,0 +1,107 @@
---
# Configure another compute node for Fedora Cloud
- authorized_key: user=root key="{{ lookup('file', files + '/fedora-cloud/fed09-ssh-key.pub') }}"
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^ONBOOT=" line="ONBOOT=yes"
notify:
- restart network
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^NETMASK=" line="NETMASK=255.255.255.0"
notify:
- restart network
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^IPADDR=" line="IPADDR={{compute_private_ip}}"
notify:
- restart network
- lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="BOOTPROTO=" line="BOOTPROTO=none"
notify:
- restart network
- yum: state=present name=http://rdo.fedorapeople.org/rdo-release.rpm
# http://docs.openstack.org/icehouse/install-guide/install/yum/content/nova-compute.html
- name: install the Compute packages necessary for the controller node.
action: yum state=present pkg={{ item }}
with_items:
- openstack-nova-compute
- python-novaclient
- openstack-utils
- name: Set up db connection to controller
action: command openstack-config --set /etc/nova/nova.conf database connection mysql://nova:{{NOVA_DBPASS}}@{{controller_private_ip}}/nova
- command: openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://{{controller_private_ip}}:5000
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host {{controller_private_ip}}
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
- command: openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password {{NOVA_PASS}}
- command: openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend qpid
- command: openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname {{controller_private_ip}}
- command: openstack-config --set /etc/nova/nova.conf DEFAULT my_ip {{compute_private_ip}}
- command: openstack-config --set /etc/nova/nova.conf DEFAULT vnc_enabled True
- command: openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 0.0.0.0
- command: openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address {{compute_private_ip}}
- command: openstack-config --set /etc/nova/nova.conf DEFAULT novncproxy_base_url http://{{controller_private_ip}}:6080/vnc_auto.html
- command: openstack-config --set /etc/nova/nova.conf DEFAULT glance_host {{controller_private_ip}}
- service: name=libvirtd state=started enabled=yes
- service: name=messagebus state=started enabled=yes
- service: name=openstack-nova-compute state=started enabled=yes
# http://docs.openstack.org/icehouse/install-guide/install/yum/content/neutron-ml2-compute-node.html
- sysctl: name=net.ipv4.conf.all.rp_filter value=0 state=present sysctl_set=yes reload=yes
- sysctl: name=net.ipv4.conf.default.rp_filter value=0 state=present sysctl_set=yes reload=yes
- name: install the Networking components
action: yum state=present pkg={{ item }}
with_items:
- openstack-neutron-ml2
- openstack-neutron-openvswitch
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://{{controller_private_ip}}:5000
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_host {{controller_private_ip}}
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_protocol http
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_port 35357
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_user neutron
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_tenant_name service
- command: openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_password {{NEUTRON_PASS}}
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend neutron.openstack.common.rpc.impl_qpid
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT qpid_hostname {{controller_private_ip}}
# uncomment if you want to debug compute instance
#- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT verbose True
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
- command: openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers local,flat,gre
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types gre
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre tunnel_id_ranges 1:1000
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs local_ip {{compute_private_ip}}
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs tunnel_type gre
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs enable_tunneling True
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
- command: openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_security_group True
- service: name=openvswitch state=started enabled=yes
- command: ovs-vsctl --may-exist add-br br-int
- command: openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova.network.neutronv2.api.API
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_url http://{{controller_private_ip}}:9696
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_auth_strategy keystone
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_tenant_name service
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_username neutron
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_password {{NEUTRON_PASS}}
- command: openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_auth_url http://{{controller_private_ip}}:35357/v2.0
- command: openstack-config --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
- command: openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
- command: openstack-config --set /etc/nova/nova.conf DEFAULT security_group_api neutron
- file: src=/etc/neutron/plugins/ml2/ml2_conf.ini dest=/etc/neutron/plugin.ini state=link
- service: name=neutron-openvswitch-agent state=started enabled=yes