aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPawel Wieczorek <p.wieczorek2@samsung.com>2020-12-24 09:42:55 +0100
committerBartek Grzybowski <b.grzybowski@partner.samsung.com>2021-01-07 10:34:50 +0000
commitf7dd723294912e4bb4484859ac263ab9270d70c6 (patch)
tree33cac7e5c114ea50abccf5d13ea5cea37c7d6bbd
parentdbe49b2d6eeddc3726270c1cdd0ce93848bbac5c (diff)
Allow operator access to the cluster
This patch creates operator keypair and deploys its public key to all machines in the cluster. Previously cluster could be accessed from OpenStack admin machine only. Additional information added to the "all.yml*" group variables allowed keeping current roles generic and flexible. Issue-ID: INT-1601 Change-Id: I6b289ff9a8c9ebe04562671b8f4b4468b543723f Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
-rw-r--r--deployment/noheat/infra-openstack/ansible/create.yml21
-rw-r--r--deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample29
-rw-r--r--deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap100
-rw-r--r--deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml10
-rw-r--r--deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/main.yml2
-rw-r--r--deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_hosts/tasks/main.yml2
6 files changed, 107 insertions, 57 deletions
diff --git a/deployment/noheat/infra-openstack/ansible/create.yml b/deployment/noheat/infra-openstack/ansible/create.yml
index 38f2f9d20..3885f0e2c 100644
--- a/deployment/noheat/infra-openstack/ansible/create.yml
+++ b/deployment/noheat/infra-openstack/ansible/create.yml
@@ -8,3 +8,24 @@
- openstack/create_devstack_securitygroup
- openstack/create_devstack_keypair
- openstack/create_devstack_hosts
+- name: Create cluster operator access keypair
+ hosts: "operator0"
+ gather_facts: False
+ tasks:
+ - name: Wait for system to become reachable
+ wait_for_connection:
+ - name: Generate an OpenSSH keypair with the default values (4096 bits, rsa)
+ community.crypto.openssh_keypair:
+ path: "~/.ssh/{{ keypair.name }}"
+ register: key
+- name: Deploy cluster operator public key
+ hosts: "cluster0"
+ gather_facts: False
+ tasks:
+ - name: Wait for system to become reachable
+ wait_for_connection:
+ - name: Add authorized key
+ ansible.posix.authorized_key:
+ user: "{{ image.user }}"
+ state: present
+ key: "{{ hostvars['operator0']['key']['public_key'] }}"
diff --git a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample
index 5a7defeec..c2d551da6 100644
--- a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample
+++ b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample
@@ -10,11 +10,24 @@ securitygroup:
name: &securitygroup_name "onap_ci_lab"
remote_ip_prefix: "172.24.4.0/24"
-hosts:
- - name: "operator0"
- image: "Ubuntu_18.04"
- flavor: "m1.tiny"
- keypair: *keypair_name
- network: *network_name
- securitygroup: *securitygroup_name
- volume_size: 5
+image:
+ name: &image_name "Ubuntu_18.04"
+ user: "ubuntu"
+
+cluster:
+ name: "cluster0"
+ hosts:
+ - name: "operator0"
+ image: *image_name
+ flavor: "m1.tiny"
+ keypair: *keypair_name
+ network: *network_name
+ securitygroup: *securitygroup_name
+ volume_size: 5
+ - name: "worker0"
+ image: *image_name
+ flavor: "m1.tiny"
+ keypair: *keypair_name
+ network: *network_name
+ securitygroup: *securitygroup_name
+ volume_size: 5
diff --git a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap
index fac94c58d..c6ded5605 100644
--- a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap
+++ b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap
@@ -10,50 +10,56 @@ securitygroup:
name: &securitygroup_name "onap_ci_lab"
remote_ip_prefix: "0.0.0.0/0"
-hosts:
- - name: "operator0"
- image: "Ubuntu_18.04"
- flavor: "m1.xlarge"
- keypair: *keypair_name
- network: *network_name
- securitygroup: *securitygroup_name
- volume_size: 20
- - name: "control0"
- image: "Ubuntu_18.04"
- flavor: "m1.xlarge"
- keypair: *keypair_name
- network: *network_name
- securitygroup: *securitygroup_name
- volume_size: 50
- - name: "worker0a"
- image: "Ubuntu_18.04"
- flavor: "m1.2xlarge"
- keypair: *keypair_name
- network: *network_name
- auto_ip: false
- securitygroup: *securitygroup_name
- volume_size: 80
- - name: "worker0b"
- image: "Ubuntu_18.04"
- flavor: "m1.2xlarge"
- keypair: *keypair_name
- network: *network_name
- auto_ip: false
- securitygroup: *securitygroup_name
- volume_size: 80
- - name: "worker0c"
- image: "Ubuntu_18.04"
- flavor: "m1.2xlarge"
- keypair: *keypair_name
- network: *network_name
- auto_ip: false
- securitygroup: *securitygroup_name
- volume_size: 80
- - name: "nfs0"
- image: "Ubuntu_18.04"
- flavor: "m1.large"
- keypair: *keypair_name
- network: *network_name
- auto_ip: false
- securitygroup: *securitygroup_name
- volume_size: 150
+image:
+ name: &image_name "Ubuntu_18.04"
+ user: "ubuntu"
+
+cluster:
+ name: "cluster0"
+ hosts:
+ - name: "operator0"
+ image: *image_name
+ flavor: "m1.xlarge"
+ keypair: *keypair_name
+ network: *network_name
+ securitygroup: *securitygroup_name
+ volume_size: 20
+ - name: "control0"
+ image: *image_name
+ flavor: "m1.xlarge"
+ keypair: *keypair_name
+ network: *network_name
+ securitygroup: *securitygroup_name
+ volume_size: 50
+ - name: "worker0a"
+ image: *image_name
+ flavor: "m1.2xlarge"
+ keypair: *keypair_name
+ network: *network_name
+ auto_ip: false
+ securitygroup: *securitygroup_name
+ volume_size: 80
+ - name: "worker0b"
+ image: *image_name
+ flavor: "m1.2xlarge"
+ keypair: *keypair_name
+ network: *network_name
+ auto_ip: false
+ securitygroup: *securitygroup_name
+ volume_size: 80
+ - name: "worker0c"
+ image: *image_name
+ flavor: "m1.2xlarge"
+ keypair: *keypair_name
+ network: *network_name
+ auto_ip: false
+ securitygroup: *securitygroup_name
+ volume_size: 80
+ - name: "nfs0"
+ image: *image_name
+ flavor: "m1.large"
+ keypair: *keypair_name
+ network: *network_name
+ auto_ip: false
+ securitygroup: *securitygroup_name
+ volume_size: 150
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml
index 2a78e82e3..7fed57859 100644
--- a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml
@@ -13,3 +13,13 @@
boot_from_volume: true
terminate_volume: true
volume_size: "{{ host.volume_size | default(10) }}"
+ register: new_host
+
+- name: Add host to inventory
+ add_host:
+ hostname: "{{ new_host.server.name }}"
+ groups: "{{ cluster.name }}"
+ ansible_ssh_host: "{{ new_host.server.public_v4 }}"
+ ansible_ssh_user: "{{ image.user }}"
+ ansible_ssh_extra_args: "-o StrictHostKeyChecking=no"
+ ansible_ssh_private_key_file: "~/.ssh/{{ keypair.key.name }}"
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/main.yml
index 731bca04f..f8a64cbef 100644
--- a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/main.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/main.yml
@@ -1,3 +1,3 @@
---
- include: create_host.yml host={{ item }}
- loop: "{{ hosts }}"
+ loop: "{{ cluster.hosts }}"
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_hosts/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_hosts/tasks/main.yml
index 5ce130d44..a27e6a27b 100644
--- a/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_hosts/tasks/main.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_hosts/tasks/main.yml
@@ -1,3 +1,3 @@
---
- include: destroy_host.yml host={{ item }}
- loop: "{{ hosts }}"
+ loop: "{{ cluster.hosts }}"