build-undercloud-vm.yml

- hosts: 10.10.16.112
  vars:
    source_image: https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2
    disk: 100G
    vcpus: 4
    ram: 16384
    kvm_images_path: /var/lib/libvirt/images
    centos_image: CentOS-7-x86_64-GenericCloud.qcow2
    root_password: rd0c0ntrail123
    lab_nic: br-labnet
    undercloud_ip: 10.10.17.100
    undercloud_user: root
    undercloud_password: rd0c0ntrail123

  tasks:

  - name: get image
    get_url:
      url: "{{ source_image }}"
      dest: "{{ kvm_images_path}}"

  - name: Create empty qcow2 file to be target undercloud image
    command: qemu-img create -f qcow2 "{{ kvm_images_path[item|int] }}/undercloud.qcow2" "{{ disk }}"
    args:
      creates: "{{ kvm_images_path[item|int] }}/undercloud.qcow2"
    notify:
    - populate undercloud.qcow2 file
    - remove cloud-init
    - setup eth0
    - setup eth1

  - name: flush the handlers so the undercloud file is updated
    meta: flush_handlers

  - name: create virtual machine in kvm for temp undercloud, place it on env-1-ospnet
    command: virt-install
        --ram "{{ ram }}" --vcpus "{{ vcpus }}" --os-variant rhel7
        --disk path="{{ kvm_images_path[item|int] }}/undercloud.qcow2",device=disk,bus=virtio,format=qcow2
        --import --noautoconsole --vnc --autostart
        --name "temp-undercloud"
        --network type=direct,source="{{ lab_nic }}",model=virtio
        --network network=default,model=virtio
    args:
      creates: "/etc/libvirt/qemu/temp-undercloud.xml"

  - name: Setup inventory for temp-undercloud
    add_host:
      name: temp-undercloud
      ansible_ssh_user: root
      ansible_ssh_host: "{{ undercloud_ip }}"
      ansible_ssh_pass: rd0c0ntrail123
      ansible_ssh_common_args: '-o StrictHostKeyChecking=no'


  - name: Wait for SSH on the Instance # must run from local host because host can't reach instance with macvtap network
    wait_for:
      port: 22
      host: "{{ undercloud_ip }}"
      search_regex: OpenSSH
      delay: 5
      timeout: 300
    delegate_to: localhost

  handlers:

  - name: populate undercloud file
    command: virt-resize --expand /dev/sda1 "{{ kvm_images_path[item|int] }}/{{ centos_image }}" "{{ kvm_images_path[item|int] }}/undercloud.qcow2"

  - name: remove cloud-init
    command: "virt-customize -a {{ kvm_images_path[item|int] }}/undercloud.qcow2 --run-command 'yum remove cloud-init* -y' --root-password password:{{ root_password }}"

  - name: setup eth0
    command: |
      virt-customize -a "{{ kvm_images_path[item|int] }}/undercloud.qcow2" --run-command 'cat << EOF > /etc/sysconfig/network-scripts/ifcfg-eth0
      DEVICE="eth0"
      ONBOOT="yes"
      TYPE="Ethernet"
      PEERDNS="yes"
      IPV6INIT="no"
      IPADDR="{{ undercloud_ip }}"
      PREFIX=22
      GATEWAY=10.10.16.2
      DNS1=8.8.8.8
      EOF'


- hosts: temp-undercloud
  become: true
  tasks:

  - name: set temp hostname
    hostname:
      name: temp-undercloud.local

#  - name: create openstack repo files
#    copy:
#      src: "roles/host/files/{{ item }}"
#      dest: /etc/yum.repos.d/
#      owner: root
#      group: root
#      mode: 0644
#    with_items:
#    - CentOS-QEMU-EV.repo
#    - CentOS-OpenStack-queens.repo
#
#  - name: create openstack repo gpg files
#    copy:
#      src: "roles/host/files/{{ item }}"
#      dest: /etc/pki/rpm-gpg/
#      owner: root
#      group: root
#      mode: 0644
#    with_items:
#    - RPM-GPG-KEY-CentOS-SIG-Virtualization
#    - RPM-GPG-KEY-CentOS-SIG-Cloud

  - name: use trunk repos
    command: |
      tripeo_repos=`python -c 'import requests;r = requests.get("https://trunk.rdoproject.org/centos7-queens/current"); print r.text ' |grep python2-tripleo-repos|awk -F"href=\"" '{print $2}'|awk -F"\"" '{print $1}'`
      yum install -y https://trunk.rdoproject.org/centos7-queens/current/${tripeo_repos}
      tripleo-repos -b queens current

  - name: install role packages
    yum:
      name: "{{ item }}"
      state: present
    with_items:
      - python-tripleoclient
      - libguestfs-tools
      - libguestfs-xfs

  - name: Allow 'wheel' group to have passwordless sudo
    lineinfile:
      dest: /etc/sudoers
      state: present
      regexp: '^%wheel'
      line: '%wheel ALL=(ALL) NOPASSWD: ALL'
      validate: 'visudo -cf %s'

  - name: create stack user
    user:
      name: stack
      password: "{{ undercloud_password }}"
      groups: wheel,docker

  - name: setup undercloud.conf
    become_user: stack
    shell: cp /usr/share/instack-undercloud/undercloud.conf.sample ~/undercloud.conf

  - name: add nameservers for ctlplane
    lineinfile:
      path: /home/stack/undercloud.conf
      line: undercloud_nameservers=8.8.8.8

  - name: install tripleo
    become_user: stack
    shell: openstack undercloud install
    args:
      creates: "/home/stack/stackrc"

  - name: setup vlan 720
    copy:
      src: ifcfg-br-ctlplane.720
      dest: /etc/sysconfig/network-scripts/
      owner: root
      group: root
      mode: 0644
    notify: restart network

  - name: set iptables rules
    lineinfile:
      path: /etc/sysconfig/iptables
      line: -A FORWARD -i br-ctlplane -o eth0 -j ACCEPT
      insertafter: '^-A FORWARD -i docker0 -o docker0 -j ACCEPT'
    notify: restart iptables

  - name: set iptables rules
    lineinfile:
      path: /etc/sysconfig/iptables
      line: -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
      insertafter: '^-A FORWARD -i docker0 -o docker0 -j ACCEPT'
    notify: restart iptables

  - name: set iptables rules
    lineinfile:
      path: /etc/sysconfig/iptables
      line: -A POSTROUTING -o eth0 -j MASQUERADE
      insertafter: '^-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE'
    notify: restart iptables

  - name: create images dir
    become_user: stack
    file:
      path: /home/stack/images
      state: directory
      mode: 0755

  - name: download images
    become_user: stack
    shell: |
      cd ~/images
      curl -O https://images.rdoproject.org/queens/rdo_trunk/current-tripleo-rdo/ironic-python-agent.tar
      curl -O https://images.rdoproject.org/queens/rdo_trunk/current-tripleo-rdo/overcloud-full.tar
      tar xvf ironic-python-agent.tar
      tar xvf overcloud-full.tar
      virt-customize -a overcloud-full.qcow2 --root-password password:rd0c0ntrail123
      source ~/stackrc
      openstack overcloud image upload
    args:
      creates: "/home/stack/images/overcloud-full.qcow2"

  - name: create flavors
    become_user: stack
    shell: |
      source ~/stackrc
      for i in contrail-controller contrail-analytics contrail-database contrail-analytics-database; do   openstack flavor create $i --ram 4096 --vcpus 1 --disk 40;   openstack flavor set --property "capabilities:boot_option"="local" --property "capabilities:profile"="${i}" ${i}; done

  - name: setup template folders
    become_user: stack
    shell: |
      cd ~
      cp -r /usr/share/openstack-tripleo-heat-templates/ tripleo-heat-templates
      git clone https://github.com/juniper/contrail-tripleo-heat-templates -b stable/queens
      cp -r contrail-tripleo-heat-templates/* tripleo-heat-templates/
    args:
      creates: "/home/stack/tripleo-heat-templates"

  - name: get docker images
    become_user: stack
    shell: |
      source ~/stackrc
      openstack overcloud container image prepare \
      --namespace docker.io/tripleoqueens \
      --tag current-tripleo \
      --tag-from-label rdo_version \
      --output-env-file ~/docker_registry.yaml
      tag=`grep "docker.io/tripleoqueens" docker_registry.yaml |tail -1 |awk -F":" '{print $3}'`
      openstack overcloud container image prepare \
      --namespace docker.io/tripleoqueens \
      --tag ${tag} \
      --push-destination 192.168.24.1:8787 \
      --output-env-file ~/docker_registry.yaml \
      --output-images-file ~/overcloud_containers.yaml
      openstack overcloud container image upload --config-file ~/overcloud_containers.yaml
    args:
      creates: "/home/stack/overcloud_containers.yaml"

  handlers:

  - name: restart network
    service:
      name: network
      state: restarted

  - name: restart iptables
    service:
      name: iptables
      state: restarted