diff --git a/ansible/playbooks/infra-deploy.yaml b/ansible/playbooks/infra-deploy.yaml
index 8bc62a38c..2a15a3188 100644
--- a/ansible/playbooks/infra-deploy.yaml
+++ b/ansible/playbooks/infra-deploy.yaml
@@ -9,12 +9,12 @@
 deploy_bastion: true
 cluster_name: cluster.local
 os_bastion_user: ubuntu
- os_image_id: jammy-raw
+ os_image_id: Ubuntu-22.04
 os_cloud_name: "rxt-mvp"
 os_network_name: openstack-flex
 os_keypair_name: "{{ os_network_name }}-keypair"
- os_launcher_flavor: r1.gp.gen0
- os_node_flavor: r3.compute.gen0
+ os_launcher_flavor: m1.medium
+ os_node_flavor: m1.large
 os_node_count: 7
 # Not used when using MetalLB
 # os_security_groups:
@@ -260,7 +260,8 @@
 - name: Check keypair results
 ansible.builtin.assert:
 that:
- - (_result_keypair.keypair.private_key | length) > 0
+ - _result_keypair.keypair.private_key is not none
+ - _result_keypair.keypair.private_key | length > 0
 msg: Keypair already exists, nothing created.
 ignore_errors: true
 register: _result_keypair_check
@@ -466,8 +467,8 @@
 [all:vars]
 ansible_ssh_common_args='-F {% raw %}{{ lookup('env', 'HOME') }}{% endraw %}/.ssh/{{ os_keypair_name }}.config'
 cluster_name={{ cluster_name }}
- kube_ovn_iface=ens4
- kube_ovn_default_interface_name=ens3
+ kube_ovn_iface=enp4s0
+ kube_ovn_default_interface_name=enp4s0
 {% if (bastion_nodes | length) > 0 %}
 [bastion]
@@ -499,36 +500,52 @@
 - name: Create lab environment
 hosts: bastion_node
+ become: true
 vars:
 os_bastion_user: ubuntu
 os_network_name: openstack-flex
 os_keypair_name: "{{ os_network_name }}-keypair"
 # ansible_ssh_common_args: "-F {{ lookup('env', 'HOME') }}/.ssh/{{ os_keypair_name }}.config"
 ansible_ssh_private_key_file: "{{ lookup('env', 'HOME') }}/.ssh/{{ os_keypair_name }}.key"
+ genestack_product: openstack-flex
 tasks:
 - name: Create ssh directory on jump host
 ansible.builtin.file:
- path: "/home/{{ os_bastion_user }}/.ssh"
+ path: "{{ item }}"
 state: directory
 mode: "0700"
+ with_items:
+ - "/home/{{ os_bastion_user }}/.ssh"
+ - /root/.ssh
 - name: Copy ssh-key to jump host
 ansible.builtin.copy:
 src: "{{ ansible_ssh_private_key_file }}"
- dest: "/home/{{ os_bastion_user }}/.ssh/{{ ansible_ssh_private_key_file | basename }}"
+ dest: "{{ item }}"
 mode: "0600"
+ with_items:
+ - "/home/{{ os_bastion_user }}/.ssh/{{ ansible_ssh_private_key_file | basename }}"
+ - /root/.ssh/{{ ansible_ssh_private_key_file | basename }}
 - name: Copy ssh-config to jump host
 ansible.builtin.copy:
 content: |
- Host 172.31.*
+ Host 172.31.* {{os_network_name}}*
 User {{ os_bastion_user }}
 Host *
 IdentityFile /home/{{ os_bastion_user }}/.ssh/{{ ansible_ssh_private_key_file | basename }}
 StrictHostKeyChecking no
 UserKnownHostsFile /dev/null
- dest: "/home/{{ os_bastion_user }}/.ssh/{{ os_keypair_name }}.config"
+ dest: "{{ item }}"
 mode: "0640"
+ with_items:
+ - "/home/{{ os_bastion_user }}/.ssh/config"
+ - /root/.ssh/config
+ - name: Fix bastion user ssh perms
+ ansible.builtin.file:
+ path: "/home/{{ os_bastion_user }}/.ssh"
+ owner: "{{ os_bastion_user }}"
+ group: "{{ os_bastion_user }}"
+ recurse: true
 - name: Install basic packages
- become: true
 ansible.builtin.package:
 name:
 - rsync
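Review bot: The `Host *` stanza in `Copy ssh-config to jump host` now lands in `~/.ssh/config` for both the bastion user and root, so `StrictHostKeyChecking no` and `UserKnownHostsFile /dev/null` become the default for every outbound SSH session from the bastion, not just connections to the lab nodes. The previous destination, `{{ os_keypair_name }}.config`, is not a path ssh reads by default, so the relaxation presumably applied only when that file was selected explicitly. Consider moving those two options and `IdentityFile` under the `Host 172.31.* {{os_network_name}}*` stanza so host-key verification stays on for everything else. Root's copy of the config also points `IdentityFile` at `/home/{{ os_bastion_user }}/.ssh/...`, so the private key copied to `/root/.ssh/` looks unused; either point root's config at its own copy or drop the second key copy.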
@@ -536,33 +553,60 @@
 update_cache: true
 state: present
 - name: syncronize the local directory
- become: true
 ansible.builtin.synchronize:
 src: "{{ playbook_dir }}/../../"
 dest: "/opt/genestack"
 delete: false
 recursive: true
 - name: Create the genestack etc directory
- become: true
 ansible.builtin.file:
 path: "/etc/genestack/inventory"
 state: directory
 mode: "0755"
 - name: Copy the genestack inventory
- become: true
 ansible.builtin.copy:
 src: "{{ lookup('env', 'HOME') }}/{{ os_network_name }}-inventory.ini"
 dest: "/etc/genestack/inventory/{{ os_network_name }}-inventory.ini"
 mode: "0644"
 - name: Tweak the ansible inventory for local use
- become: true
 ansible.builtin.lineinfile:
 path: "/etc/genestack/inventory/{{ os_network_name }}-inventory.ini"
 regexp: "^ansible_ssh_common_args.*"
 state: absent
 - name: Remove the bastion section
- become: true
 community.general.ini_file:
 path: "/etc/genestack/inventory/{{ os_network_name }}-inventory.ini"
 section: bastion
 state: absent
+ - name: Check if hosts file has anything for 172.31.
+ command: grep -q 172.31. /etc/hosts
+ register: hosts_updated
+ ignore_errors: true
+ failed_when: hosts_updated.rc not in [0, 1]
+ - name: Add inventory to hosts file iff no 172.31. IPs exist
+ command: cat /etc/genestack/inventory/{{ os_network_name }}-inventory.ini | awk '/ansible/ { print $2, $1 }' | cut -f2 -d"=" >> /etc/hosts
+ when: hosts_updated.rc == 1
+ - name: Check if kubectl exists
+ command: test -f /usr/local/bin/kubectl
+ register: kubectl_exists
+ failed_when: kubectl_exists.rc not in [0, 1]
+ - name: Download kubectl
+ command: curl -L "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" -o /usr/local/bin/kubectl
+ when: kubectl_exists.rc == 1
+ tags:
+ - skip_ansible_lint
+ - name: Make kubectl executable
+ command: chmod +x /usr/local/bin/kubectl
+ when: kubectl_exists.rc == 1
+ - name: Execute bootstrap script
+ ansible.builtin.debug:
+ msg: "This will install ansible, collections, etc."
+ - name: Genestack bootstrap
+ command: /opt/genestack/bootstrap.sh
+ environment:
+ GENESTACK_PRODUCT: "{{ genestack_product }}"
+ - name: Source Genestack venv via .bashrc
+ ansible.builtin.lineinfile:
+ path: /root/.bashrc
+ line: "source /root/.venvs/genestack/bin/activate"
+ insertafter: EOF
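Review bot: `Download kubectl` and `Add inventory to hosts file iff no 172.31. IPs exist` pass shell syntax (`$(...)`, `|`, `>>`) to `command:`, which does not run a shell, so neither task is likely to do what its name says. Separately, the kubectl binary is written to `/usr/local/bin` as root from whatever `stable.txt` returns at run time, with no integrity check. `ansible.builtin.get_url` with a pinned release and a `checksum:` pointing at the published `.sha256` file handles the download, the verification and the file mode in one idempotent task. That also makes `Check if kubectl exists` and `Make kubectl executable` unnecessary. The hosts-file append needs `ansible.builtin.shell` (or `ansible.builtin.blockinfile`) for the pipeline and redirect to take effect.

```yaml
# … unchanged: "Check if hosts file has anything for 172.31." …
- name: Add inventory to hosts file iff no 172.31. IPs exist
  # pipes and >> need a shell; command: hands them to cat as plain arguments
  ansible.builtin.shell: |
    set -o pipefail
    cat /etc/genestack/inventory/{{ os_network_name }}-inventory.ini | awk '/ansible/ { print $2, $1 }' | cut -f2 -d"=" >> /etc/hosts
  args:
    executable: /bin/bash
  when: hosts_updated.rc == 1
- name: Download kubectl
  ansible.builtin.get_url:
    # kubectl_version is a placeholder variable: define it and pin it to a reviewed release
    url: "https://dl.k8s.io/release/{{ kubectl_version }}/bin/linux/amd64/kubectl"
    checksum: "sha256:https://dl.k8s.io/release/{{ kubectl_version }}/bin/linux/amd64/kubectl.sha256"
    dest: /usr/local/bin/kubectl
    mode: "0755"
# … unchanged: bootstrap debug message, bootstrap.sh run, .bashrc venv line …
```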