aboutsummaryrefslogtreecommitdiffstats
path: root/ansible/roles/ansible-vvp-bootstrap
diff options
context:
space:
mode:
Diffstat (limited to 'ansible/roles/ansible-vvp-bootstrap')
-rw-r--r--ansible/roles/ansible-vvp-bootstrap/README.md38
-rw-r--r--ansible/roles/ansible-vvp-bootstrap/tasks/main.yml12
-rw-r--r--ansible/roles/ansible-vvp-bootstrap/templates/dnsmasq.conf.j210
-rw-r--r--ansible/roles/ansible-vvp-bootstrap/templates/ignition/controller.yaml.j210
-rw-r--r--ansible/roles/ansible-vvp-bootstrap/templates/ignition/worker.yaml.j278
5 files changed, 99 insertions, 49 deletions
diff --git a/ansible/roles/ansible-vvp-bootstrap/README.md b/ansible/roles/ansible-vvp-bootstrap/README.md
new file mode 100644
index 0000000..225dd44
--- /dev/null
+++ b/ansible/roles/ansible-vvp-bootstrap/README.md
@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+ - hosts: servers
+ roles:
+ - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).
diff --git a/ansible/roles/ansible-vvp-bootstrap/tasks/main.yml b/ansible/roles/ansible-vvp-bootstrap/tasks/main.yml
index 48b545e..81a3f1f 100644
--- a/ansible/roles/ansible-vvp-bootstrap/tasks/main.yml
+++ b/ansible/roles/ansible-vvp-bootstrap/tasks/main.yml
@@ -115,6 +115,18 @@
with_items:
- 443
- 80
+
+# dnsmask prereq - Allow ping between all hosts
+- name: Allow Ping from Outside to Inside
+ shell: |
+ iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
+ iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
+
+- name: Allow Ping from Inside to Outside
+ shell: |
+ iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
+ iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT
+
- name: Drop INPUT
shell: iptables -P INPUT DROP
tags:
diff --git a/ansible/roles/ansible-vvp-bootstrap/templates/dnsmasq.conf.j2 b/ansible/roles/ansible-vvp-bootstrap/templates/dnsmasq.conf.j2
index 2908165..86fa4c5 100644
--- a/ansible/roles/ansible-vvp-bootstrap/templates/dnsmasq.conf.j2
+++ b/ansible/roles/ansible-vvp-bootstrap/templates/dnsmasq.conf.j2
@@ -53,19 +53,19 @@ dhcp-option=#{{ops_management_interface}},6
enable-tftp
tftp-root=/var/lib/tftpboot
{% if pxe_boot %}
- {% if pxe_chainload %}
+{% if pxe_chainload %}
dhcp-userclass=set:iceundi,ICEPXE
dhcp-boot=tag:coreos,tag:#iceundi,iceundionly.kpxe
- {% else %}
+{% else %}
dhcp-userclass=set:iceundi,iPXE
dhcp-boot=tag:coreos,tag:#iceundi,undionly.kpxe
- {% endif %}
+{% endif %}
dhcp-boot=tag:iceundi,http://{{ops_management_ip}}:8080/boot.ipxe
{% endif %}
{% for host in hosts %}
- {% for config in host.dnsmasq_config %}
+{% for config in host.dnsmasq_config %}
dhcp-host={{config}}
- {% endfor %}
+{% endfor %}
{% endfor %}
dhcp-ignore=tag:#known
log-queries
diff --git a/ansible/roles/ansible-vvp-bootstrap/templates/ignition/controller.yaml.j2 b/ansible/roles/ansible-vvp-bootstrap/templates/ignition/controller.yaml.j2
index ff8e0b8..bf01435 100644
--- a/ansible/roles/ansible-vvp-bootstrap/templates/ignition/controller.yaml.j2
+++ b/ansible/roles/ansible-vvp-bootstrap/templates/ignition/controller.yaml.j2
@@ -182,7 +182,8 @@ systemd:
--pod-manifest-path=/etc/kubernetes/manifests \
--hostname-override={{.domain_name}} \
--cluster_dns={{.k8s_dns_service_ip}} \
- --cluster_domain=cluster.local
+ --cluster_domain=cluster.local \
+ --pod-infra-container-image="docker.io/kubernetes/pause"
ExecStop=-/usr/bin/rkt stop --uuid-file=/var/run/kubelet-pod.uuid
Restart=always
RestartSec=10
@@ -354,13 +355,14 @@ storage:
- --service-account-key-file=/etc/kubernetes/ssl/apiserver-key.pem
- --runtime-config=extensions/v1beta1/networkpolicies=true
- --anonymous-auth=false
+ - --storage-backend=etcd2
livenessProbe:
httpGet:
host: 127.0.0.1
- port: 8080
+ port: 10253
path: /healthz
- initialDelaySeconds: 15
- timeoutSeconds: 15
+ initialDelaySeconds: 15000
+ timeoutSeconds: 1500
ports:
- containerPort: {{.k8s_controller_port}}
hostPort: {{.k8s_controller_port}}
diff --git a/ansible/roles/ansible-vvp-bootstrap/templates/ignition/worker.yaml.j2 b/ansible/roles/ansible-vvp-bootstrap/templates/ignition/worker.yaml.j2
index 701559b..e9823c7 100644
--- a/ansible/roles/ansible-vvp-bootstrap/templates/ignition/worker.yaml.j2
+++ b/ansible/roles/ansible-vvp-bootstrap/templates/ignition/worker.yaml.j2
@@ -1,43 +1,41 @@
-{#
--*- encoding: utf-8 -*-
-============LICENSE_START=======================================================
-org.onap.vvp/engagementmgr
-===================================================================
-Copyright © 2017 AT&T Intellectual Property. All rights reserved.
-===================================================================
-
-Unless otherwise specified, all software contained herein is licensed
-under the Apache License, Version 2.0 (the “License”);
-you may not use this software except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
-
-
-Unless otherwise specified, all documentation contained herein is licensed
-under the Creative Commons License, Attribution 4.0 Intl. (the “License”);
-you may not use this documentation except in compliance with the License.
-You may obtain a copy of the License at
-
- https://creativecommons.org/licenses/by/4.0/
-
-Unless required by applicable law or agreed to in writing, documentation
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
-============LICENSE_END============================================
-
- ECOMP is a trademark and service mark of AT&T Intellectual Property.
-#}
+# -*- encoding: utf-8 -*-
+# ============LICENSE_START=======================================================
+# org.onap.vvp/engagementmgr
+# ===================================================================
+# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# ===================================================================
+#
+# Unless otherwise specified, all software contained herein is licensed
+# under the Apache License, Version 2.0 (the “License”);
+# you may not use this software except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+#
+# Unless otherwise specified, all documentation contained herein is licensed
+# under the Creative Commons License, Attribution 4.0 Intl. (the “License”);
+# you may not use this documentation except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://creativecommons.org/licenses/by/4.0/
+#
+# Unless required by applicable law or agreed to in writing, documentation
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# ============LICENSE_END============================================
+#
+# ECOMP is a trademark and service mark of AT&T Intellectual Property.
---
{% raw %}
systemd: