Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

simplify playbook

Browse source
This commit is contained in:
Miroslav Suchý 2015-03-27 13:50:48 +00:00
parent 20202ac16b
commit c6c97fb7d3
1 changed files with 11 additions and 100 deletions
Download patch file Download diff file Expand all files Collapse all files

111
playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml
View file

@ -6,7 +6,8 @@
gather_facts: True gather_facts: True
vars: vars:
all_tenants: ['cloudintern', 'cloudsig', 'copr', 'coprdev', 'infrastructure', # this is actually without admin tenant
all_tenants: ['cloudintern', 'cloudsig', 'copr', 'coprdev', 'infrastructure',
'persistent', 'pythonbots', 'qa', 'scratch', 'transient'] 'persistent', 'pythonbots', 'qa', 'scratch', 'transient']
vars_files: vars_files:
@ -556,17 +557,7 @@
- name: Create roles for additional tenants - name: Create roles for additional tenants
shell: source /root/keystonerc_admin && keystone role-list |grep ' {{item}} ' || keystone role-create --name {{ item }} shell: source /root/keystonerc_admin && keystone role-list |grep ' {{item}} ' || keystone role-create --name {{ item }}
with_items: with_items: all_tenants
- cloudintern
- cloudsig
- copr
- coprdev
- infrastructure
- persistent
- pythonbots
- qa
- scratch
- transient
- name: Assign users to secondary tentants - name: Assign users to secondary tentants
shell: source /root/keystonerc_admin && keystone user-role-list --user "{{item.user}}" --tenant "{{item.tenant}}" | grep ' {{item.tenant }} ' || keystone user-role-add --user {{item.user}} --role {{item.tenant}} --tenant {{item.tenant}} || true shell: source /root/keystonerc_admin && keystone user-role-list --user "{{item.user}}" --tenant "{{item.tenant}}" | grep ' {{item.tenant }} ' || keystone user-role-add --user {{item.user}} --role {{item.tenant}} --tenant {{item.tenant}} || true
#keystone_user: #keystone_user:
@ -671,34 +662,14 @@
auth_url="https://{{controller_hostname}}:35357/v2.0" auth_url="https://{{controller_hostname}}:35357/v2.0"
tenant_name="{{ item }}" tenant_name="{{ item }}"
name="ext-to-{{ item }}" name="ext-to-{{ item }}"
with_items: with_items: all_tenants
- cloudintern
- cloudsig
- copr
- coprdev
- infrastructure
- persistent
- pythonbots
- qa
- scratch
- transient
- name: "Connect router's gateway to the external network" - name: "Connect router's gateway to the external network"
neutron_router_gateway: neutron_router_gateway:
login_username="admin" login_password="{{ ADMIN_PASS }}" login_tenant_name="admin" login_username="admin" login_password="{{ ADMIN_PASS }}" login_tenant_name="admin"
auth_url="https://{{controller_hostname}}:35357/v2.0" auth_url="https://{{controller_hostname}}:35357/v2.0"
router_name="ext-to-{{ item }}" router_name="ext-to-{{ item }}"
network_name="external" network_name="external"
with_items: with_items: all_tenants
- cloudintern
- cloudsig
- copr
- coprdev
- infrastructure
- persistent
- pythonbots
- qa
- scratch
- transient
- name: Create a private network for all tenants - name: Create a private network for all tenants
neutron_network: neutron_network:
login_username="admin" login_password="{{ ADMIN_PASS }}" login_tenant_name="admin" login_username="admin" login_password="{{ ADMIN_PASS }}" login_tenant_name="admin"
@ -745,17 +716,7 @@
tenant_name="{{ item }}" tenant_name="{{ item }}"
router_name="ext-to-{{ item }}" router_name="ext-to-{{ item }}"
subnet_name="{{ item }}-subnet" subnet_name="{{ item }}-subnet"
with_items: with_items: all_tenants
- cloudintern
- cloudsig
- copr
- coprdev
- infrastructure
- persistent
- pythonbots
- qa
- scratch
- transient
################# #################
# Security Groups # Security Groups
@ -777,17 +738,7 @@
ethertype: "IPv4" ethertype: "IPv4"
protocol: "tcp" protocol: "tcp"
remote_ip_prefix: "0.0.0.0/0" remote_ip_prefix: "0.0.0.0/0"
with_items: with_items: all_tenants
- cloudintern
- cloudsig
- copr
- coprdev
- infrastructure
- persistent
- pythonbots
- qa
- scratch
- transient
- name: "Create 'ssh-internal' security group" - name: "Create 'ssh-internal' security group"
neutron_sec_group: neutron_sec_group:
@ -835,17 +786,7 @@
ethertype: "IPv4" ethertype: "IPv4"
protocol: "tcp" protocol: "tcp"
remote_ip_prefix: "0.0.0.0/0" remote_ip_prefix: "0.0.0.0/0"
with_items: with_items: all_tenants
- cloudintern
- cloudsig
- copr
- coprdev
- infrastructure
- persistent
- pythonbots
- qa
- scratch
- transient
- name: "Create 'web-443-anywhere' security group" - name: "Create 'web-443-anywhere' security group"
neutron_sec_group: neutron_sec_group:
@ -864,17 +805,7 @@
ethertype: "IPv4" ethertype: "IPv4"
protocol: "tcp" protocol: "tcp"
remote_ip_prefix: "0.0.0.0/0" remote_ip_prefix: "0.0.0.0/0"
with_items: with_items: all_tenants
- cloudintern
- cloudsig
- copr
- coprdev
- infrastructure
- persistent
- pythonbots
- qa
- scratch
- transient
- name: "Create 'wide-open' security group" - name: "Create 'wide-open' security group"
neutron_sec_group: neutron_sec_group:
@ -893,17 +824,7 @@
ethertype: "IPv4" ethertype: "IPv4"
protocol: "tcp" protocol: "tcp"
remote_ip_prefix: "0.0.0.0/0" remote_ip_prefix: "0.0.0.0/0"
with_items: with_items: all_tenants
- cloudintern
- cloudsig
- copr
- coprdev
- infrastructure
- persistent
- pythonbots
- qa
- scratch
- transient
- name: "Create 'ALL ICMP' security group" - name: "Create 'ALL ICMP' security group"
neutron_sec_group: neutron_sec_group:
@ -920,17 +841,7 @@
ethertype: "IPv4" ethertype: "IPv4"
protocol: "icmp" protocol: "icmp"
remote_ip_prefix: "0.0.0.0/0" remote_ip_prefix: "0.0.0.0/0"
with_items: with_items: all_tenants
- cloudintern
- cloudsig
- copr
- coprdev
- infrastructure
- persistent
- pythonbots
- qa
- scratch
- transient
# Update quota for Copr # Update quota for Copr
# SEE: # SEE: