noheat: Upgrades, refactor, deploy Devstack

* Revert "Enable VID" (this reverts commit 2223bfaffa8fe5fb90c578ec71a035f001b9ce22)
* make sure ca-certificates is current
* add ability to configure Docker daemon
* upgrade Ubuntu to 20.04
* update tools, dependencies, Ansible Galaxy collections, Docker, RKE, k8s & charts
* make Prometheus & MetalLB optional
* deploy Istio
* use copy instead of ansible.posix.synchronize
* Allow to set IP address pools in OpenStack
* fix ansible-lint issues
* split big tasks files into smaller ones
* migrate to ansible-core
* add 'make onap' task
* add Devstack deployment
* fix NFS exports
* add Strimzi
* install Docker on operator
* override Nexus only on hosts that need it
* ability to set override file (sm-onap is default)
* ability to set ONAP (OOM) branch
* ability to set Devstack version
* add playbook to deploy everything
* describe how to run playbooks
* save operator0 access information
* install Galaxy deps with dedicated module

Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I88cfeeaf281c175340b63909983251ecd62eeb00

diff --git a/.gitignore b/.gitignore
index ce4abfa..ecf7f10 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -32,3 +32,4 @@ csit/
 benchmark/
 .tox/
 build/
+deployment/noheat/**/artifacts/*

diff --git a/deployment/noheat/README.rst b/deployment/noheat/README.rst
index da66516..a75ad2b 100644 (file)
--- a/deployment/noheat/README.rst
+++ b/deployment/noheat/README.rst
@@ -25,16 +25,24 @@ Dependencies
 ~~~~~~~~~~~~
 
 - Required python packages (including Ansible) can be found in ``requirements.txt`` pip file.
-  Tested on Python 3.6.9.
-- Ansible:
-    - Collections
-        - community.crypto: tested on 1.7.1
-        - ansible.posix: tested on 1.2.0
-        - openstack.cloud: tested on 1.5.0
-    - Roles
-        - geerlingguy.ansible: tested on 2.1.0
+  Tested on Python 3.8.10.
+- Ansible required collections & roles can be found in ``requirements.yml`` file for installation
+  with ansible-galaxy tool.
 
 Expected output
 ---------------
 
 Ephemeral (disposable) ONAP instance.
+
+Running
+-------
+
+There are 4 playbooks available:
+
+- infa-openstack/ansible/create.yml: creates and prepares OpenStack VMs, generates inventory.
+  Must be run as a first playbook. Run on your machine.
+- devstack/ansible/create.yml: deploys Devstack on appropriate VM. Run on jumphost VM (operator0).
+- cluster-rke/ansible/create.yml: deploys NFS, k8s, helm charts and ONAP. Run on jumphost VM.
+- deploy-all.yml: runs above playbooks. Run on your machine.
+
+User may run deploy-all.yml or manually run infra-openstack, devstack and cluster-rke playbooks.

diff --git a/deployment/noheat/cluster-rke/ansible/create.yml b/deployment/noheat/cluster-rke/ansible/create.yml
index 3ba4a83..920db96 100644 (file)
--- a/deployment/noheat/cluster-rke/ansible/create.yml
+++ b/deployment/noheat/cluster-rke/ansible/create.yml
@@ -1,4 +1,12 @@
 ---
+- name: Update packages
+  hosts: operator
+  become: true
+  tasks:
+    - name: Update ca-certificates
+      package:
+        name: ca-certificates
+        state: latest
 - name: Install NFS
   hosts: all
   become: yes
@@ -11,7 +19,7 @@
     - role: create_bastion
       destination: "{{ nexus }}"
 - name: Add bastion information to the cluster nodes
-  hosts: all
+  hosts: control,workers
   become: yes
   tasks:
     - name: Add cluster hostnames to /etc/hosts file
@@ -22,11 +30,13 @@
         - "nexus3.onap.org"
 - name: Install Docker
   become: yes
-  hosts: control,workers
+  hosts: operator,control,workers
   roles:
     - role: setup_docker
 - name: Deploy k8s
   hosts: operator0
+  vars_files:
+    - ~/common-vars.yml
   roles:
     - role: setup_k8s
 - name: Download OOM
@@ -36,7 +46,7 @@
       git:
         repo: "https://git.onap.org/oom"
         dest: "{{ oom_dir }}"
-        version: "master"
+        version: "{{ onap_branch }}"
 - name: Install Helm
   hosts: operator0
   roles:

diff --git a/deployment/noheat/cluster-rke/ansible/group_vars/all.yml b/deployment/noheat/cluster-rke/ansible/group_vars/all.yml
deleted file mode 120000 (symlink)
index d8e74e2..0000000
--- a/deployment/noheat/cluster-rke/ansible/group_vars/all.yml
+++ /dev/null
@@ -1 +0,0 @@
-all.yml.sm-onap
\ No newline at end of file

diff --git a/deployment/noheat/cluster-rke/ansible/group_vars/all.yml.sm-onap b/deployment/noheat/cluster-rke/ansible/group_vars/all.yml.sm-onap
index 406f915..9fb3313 100644 (file)
--- a/deployment/noheat/cluster-rke/ansible/group_vars/all.yml.sm-onap
+++ b/deployment/noheat/cluster-rke/ansible/group_vars/all.yml.sm-onap
@@ -3,3 +3,9 @@ nexus:
   address: 199.204.45.137
   port: 10001
 oom_dir: "{{ ansible_user_dir }}/oom"
+onap_branch: "master"
+override_file: "{{ oom_dir }}/kubernetes/onap/resources/overrides/sm-onap.yaml"
+integration_dir: "{{ ansible_user_dir }}/integration"
+prometheus_enabled: true
+metallb_enabled: true
+istio_enabled: true

diff --git a/deployment/noheat/cluster-rke/ansible/group_vars/all/all.yml b/deployment/noheat/cluster-rke/ansible/group_vars/all/all.yml
new file mode 120000 (symlink)
index 0000000..2065261
--- /dev/null
+++ b/deployment/noheat/cluster-rke/ansible/group_vars/all/all.yml
@@ -0,0 +1 @@
+../all.yml.sm-onap
\ No newline at end of file

diff --git a/deployment/noheat/cluster-rke/ansible/roles/deps/defaults/main.yml b/deployment/noheat/cluster-rke/ansible/roles/deps/defaults/main.yml
index 28ddadf..eee910f 100644 (file)
--- a/deployment/noheat/cluster-rke/ansible/roles/deps/defaults/main.yml
+++ b/deployment/noheat/cluster-rke/ansible/roles/deps/defaults/main.yml
@@ -1,6 +1,11 @@
 ---
-cert_manager_version: "1.2.0"
-prometheus_version: "13.13.1"
-metallb_version: "0.10.2"
-metallb_protocol: "layer2"
-metallb_addresses: "192.168.1.240-192.168.1.255"
+cert_manager_version: "1.5.5"
+prometheus_enabled: true
+prometheus_version: "19.3.0"
+metallb_enabled: true
+metallb_version: "0.13.6"
+metallb_addresses: "192.168.1.129-192.168.1.255"
+istio_enabled: true
+istio_version: "1.15.2"
+strimzi_enabled: true
+strimzi_version: "0.28.0"

diff --git a/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/cert-manager.yml b/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/cert-manager.yml
new file mode 100644 (file)
index 0000000..5a14d93
--- /dev/null
+++ b/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/cert-manager.yml
@@ -0,0 +1,17 @@
+---
+- name: Check if cert-manager manifest file is present
+  stat:
+    path: /tmp/cert-manager.yaml
+  register: cm_manifest
+
+- name: Download cert-manager
+  get_url:
+    url: "https://github.com/jetstack/cert-manager/releases/download/v{{ cert_manager_version }}/cert-manager.yaml"
+    dest: "/tmp"
+    mode: '0400'
+  when: not cm_manifest.stat.exists
+
+- name: Deploy cert-manager
+  kubernetes.core.k8s:
+    src: /tmp/cert-manager.yaml
+    state: present

diff --git a/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/istio.yml b/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/istio.yml
new file mode 100644 (file)
index 0000000..01e335c
--- /dev/null
+++ b/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/istio.yml
@@ -0,0 +1,40 @@
+---
+- name: Add Istio Helm repository
+  kubernetes.core.helm_repository:
+    name: istio
+    repo_url: https://istio-release.storage.googleapis.com/charts
+
+- name: Deploy Istio base chart
+  kubernetes.core.helm:
+    name: istio-base
+    chart_version: "{{ istio_version }}"
+    chart_ref: istio/base
+    release_namespace: istio-system
+    create_namespace: true
+
+- name: Deploy Istio discovery chart
+  kubernetes.core.helm:
+    name: istiod
+    chart_version: "{{ istio_version }}"
+    chart_ref: istio/istiod
+    release_namespace: istio-system
+    wait: true
+
+- name: Create Istio ingress gateway namespace
+  kubernetes.core.k8s:
+    state: present
+    definition:
+      apiVersion: v1
+      kind: Namespace
+      metadata:
+        name: istio-ingress
+        labels:
+          istio-injection: enabled
+
+- name: Deploy Istio ingress gateway chart
+  kubernetes.core.helm:
+    name: istio-ingress
+    chart_version: "{{ istio_version }}"
+    chart_ref: istio/gateway
+    release_namespace: istio-ingress
+    wait: true

diff --git a/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/main.yml b/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/main.yml
index 022867d..32adc33 100644 (file)
--- a/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/main.yml
+++ b/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/main.yml
@@ -1,44 +1,19 @@
-- name: Download cert-manager
-  get_url:
-    url: "https://github.com/jetstack/cert-manager/releases/download/v{{ cert_manager_version }}/cert-manager.yaml"
-    dest: "/tmp"
-    mode: '0400'
+---
+- name: Setup cert-manager
+  include_tasks: cert-manager.yml
 
-- name: Deploy cert-manager
-  kubernetes.core.k8s:
-    src: /tmp/cert-manager.yaml
-    state: present
+- name: Setup strimzi
+  include_tasks: strimzi.yml
+  when: strimzi_enabled
 
-- name: Add MetalLB Helm repository
-  kubernetes.core.helm_repository:
-    name: metallb
-    repo_url: https://metallb.github.io/metallb
+- name: Setup MetalLB
+  include_tasks: metallb.yml
+  when: metallb_enabled
 
-- name: Add prometheus Helm repository
-  kubernetes.core.helm_repository:
-    name: prometheus
-    repo_url: https://prometheus-community.github.io/helm-charts
+- name: Setup Prometheus
+  include_tasks: prometheus.yml
+  when: prometheus_enabled
 
-- name: Copy MetalLB override file
-  template:
-    src: "metallb-values.yaml.j2"
-    dest: "/tmp/metallb-values.yaml"
-    mode: '0400'
-
-- name: Deploy MetalLB charts
-  kubernetes.core.helm:
-    name: metallb
-    chart_version: "{{ metallb_version }}"
-    chart_ref: metallb/metallb
-    release_namespace: metallb
-    create_namespace: true
-    values_files:
-      - /tmp/metallb-values.yaml
-
-- name: Deploy Prometheus charts
-  kubernetes.core.helm:
-    name: prometheus
-    chart_version: "{{ prometheus_version }}"
-    chart_ref: prometheus/kube-prometheus-stack
-    release_namespace: prometheus
-    create_namespace: true
+- name: Setup Istio
+  include_tasks: istio.yml
+  when: istio_enabled

diff --git a/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/metallb.yml b/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/metallb.yml
new file mode 100644 (file)
index 0000000..95547ec
--- /dev/null
+++ b/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/metallb.yml
@@ -0,0 +1,51 @@
+---
+- name: Add MetalLB Helm repository
+  kubernetes.core.helm_repository:
+    name: metallb
+    repo_url: https://metallb.github.io/metallb
+
+- name: Create MetalLB namespace
+  kubernetes.core.k8s:
+    state: present
+    definition:
+      apiVersion: v1
+      kind: Namespace
+      metadata:
+        name: metallb-system
+        labels:
+          pod-security.kubernetes.io/enforce: privileged
+          pod-security.kubernetes.io/audit: privileged
+          pod-security.kubernetes.io/warn: privileged
+- name: Deploy MetalLB charts
+  kubernetes.core.helm:
+    name: metallb
+    chart_version: "{{ metallb_version }}"
+    chart_ref: metallb/metallb
+    release_namespace: metallb-system
+    wait: true
+
+- name: Create MetalLB IP Address Pool Resource
+  kubernetes.core.k8s:
+    state: present
+    definition:
+      apiVersion: metallb.io/v1beta1
+      kind: IPAddressPool
+      metadata:
+        name: onap-pool
+        namespace: metallb-system
+      spec:
+        addresses:
+          - "{{ metallb_addresses }}"
+  register: result
+  retries: 1
+  until: result['failed'] == false
+
+- name: Create MetalLB L2 Advertisement Resource
+  kubernetes.core.k8s:
+    state: present
+    definition:
+      apiVersion: metallb.io/v1beta1
+      kind: L2Advertisement
+      metadata:
+        name: onap
+        namespace: metallb-system

diff --git a/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/prometheus.yml b/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/prometheus.yml
new file mode 100644 (file)
index 0000000..e046cdd
--- /dev/null
+++ b/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/prometheus.yml
@@ -0,0 +1,13 @@
+---
+- name: Add prometheus Helm repository
+  kubernetes.core.helm_repository:
+    name: prometheus
+    repo_url: https://prometheus-community.github.io/helm-charts
+
+- name: Deploy Prometheus charts
+  kubernetes.core.helm:
+    name: prometheus
+    chart_version: "{{ prometheus_version }}"
+    chart_ref: prometheus/kube-prometheus-stack
+    release_namespace: prometheus
+    create_namespace: true

diff --git a/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/strimzi.yml b/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/strimzi.yml
new file mode 100644 (file)
index 0000000..fd5828b
--- /dev/null
+++ b/deployment/noheat/cluster-rke/ansible/roles/deps/tasks/strimzi.yml
@@ -0,0 +1,15 @@
+---
+- name: Add Strimzi Helm repository
+  kubernetes.core.helm_repository:
+    name: strimzi
+    repo_url: https://strimzi.io/charts
+
+- name: Deploy Strimzi chart
+  kubernetes.core.helm:
+    name: strimzi-kafka-operator
+    chart_version: "{{ strimzi_version }}"
+    chart_ref: strimzi/strimzi-kafka-operator
+    release_namespace: strimzi-system
+    create_namespace: true
+    values:
+      watchAnyNamespace: true

diff --git a/deployment/noheat/cluster-rke/ansible/roles/deps/templates/metallb-values.yaml.j2 b/deployment/noheat/cluster-rke/ansible/roles/deps/templates/metallb-values.yaml.j2
deleted file mode 100644 (file)
index d86d505..0000000
--- a/deployment/noheat/cluster-rke/ansible/roles/deps/templates/metallb-values.yaml.j2
+++ /dev/null
@@ -1,6 +0,0 @@
-configInline:
-  address-pools:
-   - name: default
-     protocol: "{{ metallb_protocol }}"
-     addresses:
-     - "{{ metallb_addresses }}"

diff --git a/deployment/noheat/cluster-rke/ansible/roles/oom/tasks/main.yml b/deployment/noheat/cluster-rke/ansible/roles/oom/tasks/main.yml
index c0d8b15..035fb01 100644 (file)
--- a/deployment/noheat/cluster-rke/ansible/roles/oom/tasks/main.yml
+++ b/deployment/noheat/cluster-rke/ansible/roles/oom/tasks/main.yml
@@ -1,3 +1,4 @@
+---
 - name: Build OOM charts
   make:
     chdir: "{{ oom_dir }}/kubernetes"
@@ -5,6 +6,61 @@
     params:
       SKIP_LINT: "TRUE"
 
+- name: Build ONAP charts
+  make:
+    chdir: "{{ oom_dir }}/kubernetes"
+    target: onap
+    params:
+      SKIP_LINT: "TRUE"
+
+- name: Create ONAP namespace
+  kubernetes.core.k8s:
+    state: present
+    definition:
+      apiVersion: v1
+      kind: Namespace
+      metadata:
+        name: onap
+        labels:
+          istio-injection: enabled
+  when: istio_enabled
+
+- name: Create ONAP namespace
+  kubernetes.core.k8s:
+    name: onap
+    api_version: v1
+    kind: Namespace
+    state: present
+  when: not istio_enabled
+
+- name: Get encryption key
+  command: cat  "{{ oom_dir }}/kubernetes/so/resources/config/mso/encryption.key"
+  register: encryption_key
+  when: encryption_key is undefined
+- name: Clone integration project
+  git:
+    repo: "https://git.onap.org/integration"
+    dest: "{{ integration_dir }}"
+    version: "{{ onap_branch }}"
+- name: Compile encryption tool
+  command:
+    cmd: javac Crypto.java
+    chdir: "{{ integration_dir }}/deployment/heat/onap-rke/scripts"
+    creates: "{{ integration_dir }}/deployment/heat/onap-rke/scripts/Crypto.class"
+- name: Encrypt password
+  command:
+    cmd: java Crypto "{{ openstack_passwd }}" "{{ encryption_key.stdout }}"
+    chdir: "{{ integration_dir }}/deployment/heat/onap-rke/scripts"
+  register: encrypted_password
+  when: encrypted_password is undefined
+
 - name: Deploy sm-onap
   command:
-    cmd: "helm deploy onap local/onap --namespace onap --create-namespace --set global.masterPassword=scrtPasswd --set vid.enabled=true -f {{ oom_dir }}/kubernetes/onap/resources/overrides/sm-onap.yaml"
+    cmd: "helm deploy onap local/onap --namespace onap --set global.masterPassword=scrtPasswd -f {{ override_file }}"
+  environment:
+    OPENSTACK_USER_NAME: "{{ openstack_username }}"
+    OPENSTACK_REGION: "{{ openstack_region }}"
+    OPENSTACK_KEYSTONE_URL: "http://{{ hostvars['openstack0']['ansible_default_ipv4']['address'] }}:5000/3.0"
+    OPENSTACK_TENANT_NAME: "{{ openstack_tenant }}"
+    OPENSTACK_ENCTYPTED_PASSWORD: "{{ encrypted_password.stdout }}"
+  changed_when: false

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_docker/defaults/main.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_docker/defaults/main.yml
index 3ec4af3..1d24016 100644 (file)
--- a/deployment/noheat/cluster-rke/ansible/roles/setup_docker/defaults/main.yml
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_docker/defaults/main.yml
@@ -1,3 +1,3 @@
 ---
-docker_version: "19.03.15"
+docker_version: "20.10.18"
 local_user: "ubuntu"

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_docker/handlers/main.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_docker/handlers/main.yml
new file mode 100644 (file)
index 0000000..3627303
--- /dev/null
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_docker/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: restart docker
+  service:
+    name: docker
+    state: restarted

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_docker/tasks/main.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_docker/tasks/main.yml
index 29dee31..12e13f4 100644 (file)
--- a/deployment/noheat/cluster-rke/ansible/roles/setup_docker/tasks/main.yml
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_docker/tasks/main.yml
@@ -1,38 +1,6 @@
-- name: Install deps
-  apt:
-    name: "{{ item }}"
-    state: present
-  with_items:
-    - apt-transport-https
-    - ca-certificates
-    - curl
-    - software-properties-common
-
-- name: Add Docker repo key
-  apt_key:
-    url: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg"
-    state: present
-
-- name: Add Docker repo
-  apt_repository:
-    repo: "deb https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release | lower }} stable"
-    state: present
-    update_cache: yes
-
-- name: Find exact Docker version
-  shell: "apt-cache madison docker-ce | grep {{ docker_version }} | head -n 1 | cut -d ' ' -f 4"
-  register: docker_pkg_version
-
-- name: install Docker
-  apt:
-    name: "{{ item }}"
-    state: present
-  with_items:
-    - "docker-ce={{ docker_pkg_version.stdout }}"
-    - "docker-ce-cli={{ docker_pkg_version.stdout }}"
-
-- name: Lock docker version
-  command: apt-mark hold docker-ce docker-ce-cli
+---
+- name: Setup Docker repo and packages
+  include_tasks: packages.yml
 
 - name: Add user to docker group
   user:
@@ -46,3 +14,13 @@
     name: docker
     state: started
     enabled: yes
+
+- name: Configure Docker
+  copy:
+    dest: /etc/docker/daemon.json
+    content: "{{ docker_config | to_nice_json }}"
+    mode: 0600
+    backup: true
+  when: docker_config is defined
+  notify:
+    - restart docker

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_docker/tasks/packages.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_docker/tasks/packages.yml
new file mode 100644 (file)
index 0000000..814dd28
--- /dev/null
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_docker/tasks/packages.yml
@@ -0,0 +1,41 @@
+---
+- name: Install deps
+  apt:
+    name: "{{ item }}"
+    state: present
+  with_items:
+    - apt-transport-https
+    - ca-certificates
+    - curl
+    - software-properties-common
+
+- name: Add Docker repo key
+  apt_key:
+    url: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg"
+    state: present
+
+- name: Add Docker repo
+  apt_repository:
+    repo: "deb https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release | lower }} stable"
+    state: present
+    update_cache: yes
+
+- name: Find exact Docker version
+  shell: "set -o pipefail && apt-cache madison docker-ce | grep {{ docker_version }} | head -n 1 | cut -d ' ' -f 4"
+  args:
+    executable: "/bin/bash"
+  register: docker_pkg_version
+  changed_when: false
+
+- name: install Docker
+  apt:
+    name: "{{ item }}"
+    state: present
+    allow_downgrade: true
+  with_items:
+    - "docker-ce={{ docker_pkg_version.stdout }}"
+    - "docker-ce-cli={{ docker_pkg_version.stdout }}"
+
+- name: Lock docker version
+  command: apt-mark hold docker-ce docker-ce-cli
+  changed_when: false

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_docker/vars/main.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_docker/vars/main.yml
new file mode 100644 (file)
index 0000000..6879cca
--- /dev/null
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_docker/vars/main.yml
@@ -0,0 +1,8 @@
+---
+# docker_config will be converted to json and placed as a /etc/docker/daemon.json
+#docker_config:
+#  insecure-registries:
+#    - "192.168.1.1:5000"
+#    - "192.168.1.2:5000"
+#  registry-mirrors:
+#    - "http://192.168.1.1:5000"

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_helm/defaults/main.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_helm/defaults/main.yml
index cbbb3c9..7de57af 100644 (file)
--- a/deployment/noheat/cluster-rke/ansible/roles/setup_helm/defaults/main.yml
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_helm/defaults/main.yml
@@ -1,6 +1,7 @@
 ---
-helm_version: "3.6.3"
-chartmuseum_version: "0.13.1"
+helm_version: "3.7.2"
+helm_cm_push_version: "0.10.3"
+chartmuseum_version: "0.15.0"
 chartmuseum_port: "8879"
 chartmuseum_dir: "{{ ansible_user_dir }}/helm3-storage"
 local_user: "{{ ansible_user_id }}"

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_helm/tasks/cm.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_helm/tasks/cm.yml
new file mode 100644 (file)
index 0000000..71f43ad
--- /dev/null
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_helm/tasks/cm.yml
@@ -0,0 +1,45 @@
+---
+- name: Check if chartmuseum is installed
+  stat:
+    path: /usr/local/bin/chartmuseum
+  register: cm_bin
+
+- name: Check if chartmuseum is installed
+  stat:
+    path: /tmp/get-chartmuseum
+  register: cm_install
+
+- name: Download chartmuseum install script
+  get_url:
+    url: "https://raw.githubusercontent.com/helm/chartmuseum/v{{ chartmuseum_version }}/scripts/get-chartmuseum"
+    dest: "/tmp/"
+    mode: '700'
+  when: not cm_install.stat.exists
+
+- name: Install chartmuseum
+  become: yes
+  command:
+    cmd: "./get-chartmuseum -v v{{ chartmuseum_version }}"
+    chdir: "/tmp/"
+  when: not cm_bin.stat.exists
+
+- name: Create chartmuseum local storage
+  file:
+    name: "{{ chartmuseum_dir }}"
+    state: directory
+    mode: '0755'
+
+- name: Install chartmuseum service file
+  become: yes
+  template:
+    src: "chartmuseum.service.j2"
+    dest: "/etc/systemd/system/chartmuseum.service"
+    mode: '0444'
+  notify: Reload systemd
+
+- name: Start and enable chartmuseum
+  become: yes
+  service:
+    name: "chartmuseum"
+    state: started
+    enabled: yes

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_helm/tasks/helm.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_helm/tasks/helm.yml
new file mode 100644 (file)
index 0000000..88ba29f
--- /dev/null
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_helm/tasks/helm.yml
@@ -0,0 +1,35 @@
+---
+- name: Download helm
+  get_url:
+    url: "https://get.helm.sh/helm-v{{ helm_version }}-linux-amd64.tar.gz"
+    dest: "/tmp"
+
+- name: Unarchive helm
+  unarchive:
+    src: "/tmp/helm-v{{ helm_version }}-linux-amd64.tar.gz"
+    dest: "/tmp/"
+    remote_src: yes
+
+- name: Copy helm binary to $PATH
+  become: yes
+  copy:
+    src: "/tmp/linux-amd64/helm"
+    dest: "/usr/local/bin/"
+    remote_src: yes
+    mode: '0555'
+
+- name: Install Helm Push plugin
+  kubernetes.core.helm_plugin:
+    plugin_path: "https://github.com/chartmuseum/helm-push.git"
+    plugin_version: "{{ helm_cm_push_version }}"
+    state: present
+
+- name: Install Helm OOM Deploy plugin
+  kubernetes.core.helm_plugin:
+    plugin_path: "{{ oom_dir }}/kubernetes/helm/plugins/deploy"
+    state: present
+
+- name: Install Helm OOM Undeploy plugin
+  kubernetes.core.helm_plugin:
+    plugin_path: "{{ oom_dir }}/kubernetes/helm/plugins/undeploy"
+    state: present

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_helm/tasks/main.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_helm/tasks/main.yml
index 93787be..94abf6e 100644 (file)
--- a/deployment/noheat/cluster-rke/ansible/roles/setup_helm/tasks/main.yml
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_helm/tasks/main.yml
@@ -1,67 +1,9 @@
-- name: Download helm
-  get_url:
-    url: "https://get.helm.sh/helm-v{{ helm_version }}-linux-amd64.tar.gz"
-    dest: "/tmp"
+---
+- name: Setup helm
+  include_tasks: helm.yml
 
-- name: Unarchive helm
-  unarchive:
-    src: "/tmp/helm-v{{ helm_version }}-linux-amd64.tar.gz"
-    dest: "/tmp/"
-    remote_src: yes
-
-- name: Copy helm binary to $PATH
-  become: yes
-  copy:
-    src: "/tmp/linux-amd64/helm"
-    dest: "/usr/local/bin/"
-    remote_src: yes
-    mode: '0555'
-
-- name: Install Helm Push plugin
-  command: helm plugin install --version 0.9.0 https://github.com/chartmuseum/helm-push.git
-
-- name: Install Helm OOM Deploy plugin
-  kubernetes.core.helm_plugin:
-    plugin_path: "{{ oom_dir }}/kubernetes/helm/plugins/deploy"
-    state: present
-
-- name: Install Helm OOM Undeploy plugin
-  kubernetes.core.helm_plugin:
-    plugin_path: "{{ oom_dir }}/kubernetes/helm/plugins/undeploy"
-    state: present
-
-- name: Download chartmuseum install script
-  get_url:
-    url: "https://raw.githubusercontent.com/helm/chartmuseum/v{{ chartmuseum_version }}/scripts/get-chartmuseum"
-    dest: "/tmp/"
-    mode: '700'
-
-- name: Install chartmuseum
-  become: yes
-  command:
-    cmd: "./get-chartmuseum -v v{{ chartmuseum_version }}"
-    chdir: "/tmp/"
-
-- name: Create chartmuseum local storage
-  file:
-    name: "{{ chartmuseum_dir }}"
-    state: directory
-    mode: '0755'
-
-- name: Install chartmuseum service file
-  become: yes
-  template:
-    src: "chartmuseum.service.j2"
-    dest: "/etc/systemd/system/chartmuseum.service"
-    mode: '0444'
-  notify: Reload systemd
-
-- name: Start and enable chartmuseum
-  become: yes
-  service:
-    name: "chartmuseum"
-    state: started
-    enabled: yes
+- name: Setup chartmuseum
+  include_tasks: cm.yml
 
 - name: Add local Helm repository
   kubernetes.core.helm_repository:

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/defaults/main.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/defaults/main.yml
index 527238d..021aae0 100644 (file)
--- a/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/defaults/main.yml
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/defaults/main.yml
@@ -1,3 +1,3 @@
 ---
-rke_version: "1.2.11"
-k8s_version: "v1.19.13-rancher1-1"
+rke_version: "1.3.15"
+rke_k8s_version: "v{{ k8s_version }}-rancher1-1"

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/kubectl.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/kubectl.yml
new file mode 100644 (file)
index 0000000..f9912eb
--- /dev/null
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/kubectl.yml
@@ -0,0 +1,13 @@
+---
+- name: Check if kubectl is available
+  stat:
+    path: "/usr/local/bin/kubectl"
+  register: kubectl_bin
+
+- name: Get kubectl
+  become: yes
+  get_url:
+    url: "https://dl.k8s.io/release/v{{ k8s_version }}/bin/linux/amd64/kubectl"
+    dest: "/usr/local/bin/"
+    mode: '0555'
+  when: not kubectl_bin.stat.exists

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/main.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/main.yml
index 53d7b81..7d3ba00 100644 (file)
--- a/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/main.yml
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/main.yml
@@ -1,20 +1,6 @@
-- name: Download RKE
-  get_url:
-    url: "https://github.com/rancher/rke/releases/download/v{{ rke_version }}/rke_linux-amd64"
-    dest: "{{ ansible_user_dir }}/rke"
-    mode: '0700'
-
-- name: Prepare RKE configuration
-  template:
-    src: "cluster.yml.j2"
-    dest: "{{ ansible_user_dir }}/cluster.yml"
-    mode: '0400'
-
-- name: Run RKE
-  command:
-    cmd: "./rke up"
-    chdir: "{{ ansible_user_dir }}"
-    creates: "{{ ansible_user_dir }}/kube_config_cluster.yml"
+---
+- name: Deploy kubernetes with RKE
+  include_tasks: rke.yml
 
 - name: Create k8s directory
   file:
@@ -24,10 +10,7 @@
 
 - name: Set k8s config
   command: "mv {{ ansible_user_dir }}/kube_config_cluster.yml {{ ansible_user_dir }}/.kube/config"
+  when: rke_run and rke_run.rc == 0
 
-- name: Get kubectl
-  become: yes
-  get_url:
-    url: "https://dl.k8s.io/release/{{ k8s_version.split('-')[0] }}/bin/linux/amd64/kubectl"
-    dest: "/usr/local/bin/"
-    mode: '0555'
+- name: Install kubectl
+  include_tasks: kubectl.yml

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/rke.yml b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/rke.yml
new file mode 100644 (file)
index 0000000..b253e71
--- /dev/null
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/tasks/rke.yml
@@ -0,0 +1,25 @@
+---
+- name: Check if RKE is available
+  stat:
+    path: "{{ ansible_user_dir }}/rke"
+  register: rke_bin
+
+- name: Download RKE
+  get_url:
+    url: "https://github.com/rancher/rke/releases/download/v{{ rke_version }}/rke_linux-amd64"
+    dest: "{{ ansible_user_dir }}/rke"
+    mode: '0700'
+  when: not rke_bin.stat.exists
+
+- name: Prepare RKE configuration
+  template:
+    src: "cluster.yml.j2"
+    dest: "{{ ansible_user_dir }}/cluster.yml"
+    mode: '0400'
+
+- name: Run RKE
+  command:
+    cmd: "./rke up"
+    chdir: "{{ ansible_user_dir }}"
+    creates: "{{ ansible_user_dir }}/kube_config_cluster.yml"
+  register: rke_run

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/templates/cluster.yml.j2 b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/templates/cluster.yml.j2
index 9928052..3b83fd4 100644 (file)
--- a/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/templates/cluster.yml.j2
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_k8s/templates/cluster.yml.j2
@@ -40,7 +40,7 @@ ssh_agent_auth: false
 authorization:
   mode: rbac
 ignore_docker_version: false
-kubernetes_version: "{{ k8s_version }}"
+kubernetes_version: "{{ rke_k8s_version }}"
 private_registries:
 - url: nexus3.onap.org:10001
   user: docker

diff --git a/deployment/noheat/cluster-rke/ansible/roles/setup_nfs/templates/exports.j2 b/deployment/noheat/cluster-rke/ansible/roles/setup_nfs/templates/exports.j2
index edadcb9..6a5a825 100644 (file)
--- a/deployment/noheat/cluster-rke/ansible/roles/setup_nfs/templates/exports.j2
+++ b/deployment/noheat/cluster-rke/ansible/roles/setup_nfs/templates/exports.j2
@@ -1 +1 @@
-{{ nfs_mountpoint }} {% for host in (groups['control'] | union(groups['workers'])) %} {{ hostvars[host]['ansible_default_ipv4']['address'] }}{% endfor %}(rw,sync,no_root_squash,no_subtree_check)
+{{ nfs_mountpoint }} {% for host in (groups['control'] | union(groups['workers'])) %} {{ hostvars[host]['ansible_default_ipv4']['address'] }}(rw,sync,no_root_squash,no_subtree_check){% endfor %}

diff --git a/deployment/noheat/common-vars.yml b/deployment/noheat/common-vars.yml
new file mode 100644 (file)
index 0000000..8e1dc71
--- /dev/null
+++ b/deployment/noheat/common-vars.yml
@@ -0,0 +1,2 @@
+---
+k8s_version: "1.22.13"

diff --git a/deployment/noheat/deploy-all.yml b/deployment/noheat/deploy-all.yml
new file mode 100644 (file)
index 0000000..2ea0695
--- /dev/null
+++ b/deployment/noheat/deploy-all.yml
@@ -0,0 +1,9 @@
+---
+- name: Create infastructure
+  import_playbook: infra-openstack/ansible/create.yml
+- hosts: operator0
+  tasks:
+  - name: Deploy Devstack
+    ansible.builtin.command: ansible-playbook -i {{ ansible_user_dir }}/inventory.ini {{ ansible_user_dir }}/devstack/ansible/create.yml
+  - name: Deploy k8s & ONAP
+    ansible.builtin.command: ansible-playbook -i {{ ansible_user_dir }}/inventory.ini {{ ansible_user_dir }}/deploy/cluster-rke/ansible/create.yml

diff --git a/deployment/noheat/devstack/ansible/create.yml b/deployment/noheat/devstack/ansible/create.yml
new file mode 100644 (file)
index 0000000..f11fe11
--- /dev/null
+++ b/deployment/noheat/devstack/ansible/create.yml
@@ -0,0 +1,43 @@
+---
+- name: Deploy Devstack
+  hosts: "openstack*"
+  tasks:
+  - name: Update Devstack hosts
+    become: true
+    ansible.builtin.apt:
+      upgrade: full
+      update_cache: true
+      autoremove: true
+      autoclean: true
+
+  - name: Reboot OS
+    become: true
+    ansible.builtin.reboot:
+
+  - name: Clone Devstack
+    ansible.builtin.git:
+      repo: "https://opendev.org/openstack/devstack"
+      dest: "{{ devstack_dir }}"
+      version: "{{ devstack_version }}"
+
+  - name: Copy local.conf
+    ansible.builtin.template:
+      src: "local.conf.j2"
+      dest: "{{ devstack_dir }}/local.conf"
+      mode: '0600'
+
+  - name: Run devstack setup script
+    ansible.builtin.command:
+      chdir: "{{ devstack_dir }}"
+      cmd: "./stack.sh"
+      creates: /opt/stack
+
+  - name: Run devstack setup script
+    ansible.builtin.file:
+      path: "{{ devstack_dir }}"
+      state: absent
+
+  handlers:
+  - name: Reboot OS
+    become: true
+    ansible.builtin.reboot:

diff --git a/deployment/noheat/devstack/ansible/group_vars/all/all.yml b/deployment/noheat/devstack/ansible/group_vars/all/all.yml
new file mode 100644 (file)
index 0000000..b2d63c6
--- /dev/null
+++ b/deployment/noheat/devstack/ansible/group_vars/all/all.yml
@@ -0,0 +1,3 @@
+---
+devstack_dir: "{{ ansible_user_dir }}/devstack"
+devstack_version: "stable/yoga"

diff --git a/deployment/noheat/devstack/ansible/templates/local.conf.j2 b/deployment/noheat/devstack/ansible/templates/local.conf.j2
new file mode 100644 (file)
index 0000000..0bfa3bb
--- /dev/null
+++ b/deployment/noheat/devstack/ansible/templates/local.conf.j2
@@ -0,0 +1,5 @@
+[[local|localrc]]
+ADMIN_PASSWORD="{{ openstack_passwd }}"
+DATABASE_PASSWORD=$ADMIN_PASSWORD
+RABBIT_PASSWORD=$ADMIN_PASSWORD
+SERVICE_PASSWORD=$ADMIN_PASSWORD

diff --git a/deployment/noheat/infra-openstack/README.rst b/deployment/noheat/infra-openstack/README.rst
index 1ac9539..c48dfa7 100644 (file)
--- a/deployment/noheat/infra-openstack/README.rst
+++ b/deployment/noheat/infra-openstack/README.rst
@@ -22,13 +22,8 @@ Configuration
 Dependencies
 ~~~~~~~~~~~~
 
-- Ansible: tested on 2.9.9 (using Python 3.5.2)
-    - Collections
-        - community.crypto: tested on 1.3.0
-        - ansible.posix: tested on 1.1.1
-    - Roles
-        - geerlingguy.ansible: tested on 2.1.0
-- openstacksdk_: tested on 0.46.0 (using Python 3.5.2)
+Tested on Python 3.8.10. Required Python dependencies can be found in ``../requirements.txt``.
+Required Ansible roles and collections can be found in ``../requirements.yml``
 
 .. _openstacksdk: https://pypi.org/project/openstacksdk
 

diff --git a/deployment/noheat/infra-openstack/ansible/create.yml b/deployment/noheat/infra-openstack/ansible/create.yml
index 825bee3..7383066 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/create.yml
+++ b/deployment/noheat/infra-openstack/ansible/create.yml
@@ -10,6 +10,21 @@
     - role: create_hosts
       hosts: "{{ operation.hosts }}"
       operator_key: "dummy"
+  tasks:
+    - name: Get operator Openstack info
+      openstack.cloud.server_info:
+        server: "operator0"
+      register: operator_info
+    - name: Create directory for artifacts
+      ansible.builtin.file:
+        name: "artifacts"
+        state: directory
+        mode: '0755'
+    - name: Save operator access information
+      ansible.builtin.copy:
+        content: "{{ operator_info['openstack_servers'][0]['public_v4'] }},{{ image['user'] }},~/.ssh/{{ keypair['key']['name'] }}"
+        dest: "artifacts/operator.csv"
+        mode: "0644"
 - name: Create cluster operator access keypair
   hosts: "operator0"
   gather_facts: False
@@ -21,10 +36,18 @@
         path: "~/.ssh/{{ keypair.name }}"
       register: key
     - name: Add operator0 public key to it's authorized keys
-      authorized_key:
+      ansible.posix.authorized_key:
         key: "{{ key['public_key'] }}"
         state: present
         user: "{{ ansible_user }}"
+- name: Create OpenStack instances
+  hosts: localhost
+  connection: local
+  gather_facts: False
+  roles:
+    - role: create_hosts
+      hosts: "{{ openstack.hosts }}"
+      operator_key: "{{ hostvars['operator0']['key']['public_key'] }}"
 - name: Create cluster instances
   hosts: localhost
   connection: local
@@ -35,9 +58,8 @@
       operator_key: "{{ hostvars['operator0']['key']['public_key'] }}"
 - name: Create cluster operator access information
   hosts: "operator0"
-  roles:
-    - role: geerlingguy.ansible
-      become: yes
+  vars_files:
+    - ../../common-vars.yml
   tasks:
     - name: Add cluster hostnames to /etc/hosts file
       lineinfile:
@@ -52,25 +74,63 @@
       vars:
         hosts: "{{ lookup('dict', hostvars['localhost']['hosts_dict']) }}"
     - name: Push in-cluster deployment stage description to the next Ansible control host
-      ansible.posix.synchronize:
+      copy:
         src: ../../cluster-rke
         dest: ~/deploy
-    - name: Install python dependencies
-      become: yes
-      package:
-        name:
-          - python3-pip
-          - python3-setuptools
-        state: present
-    - name: Install community.kubernetes.k8s Ansible collection dependencies
-      pip:
-        name:
-          - openshift
-          - pyyaml
-          - kubernetes
-        executable: pip3
-      become: yes
-    - name: Add Ansible collection dependencies
-      command: "ansible-galaxy collection install ansible.posix"
-    - name: Add community.kubernetes Ansible collection
-      command: "ansible-galaxy collection install community.kubernetes"
+    - name: Push Devstack deployment stage description to the next Ansible control host
+      copy:
+        src: ../../devstack
+        dest: ~/
+    - name: Push common variables to the next Ansible control host
+      copy:
+        src: ../../common-vars.yml
+        dest: ~/
+    - name: Push Devstack vars to the next Ansible control host (for Devstack stage)
+      template:
+        src: "templates/openstack.yml.j2"
+        dest: ~/devstack/ansible/group_vars/all/openstack.yml
+        mode: '0644'
+    - name: Push Devstack vars to the next Ansible control host (for cluster-rke stage)
+      template:
+        src: "templates/openstack.yml.j2"
+        dest: ~/deploy/cluster-rke/ansible/group_vars/all/openstack.yml
+        mode: '0644'
+    - name: Create Devstack config directory
+      file:
+        path: ~/.config/openstack/
+        state: directory
+        mode: '0755'
+    - name: Generate Devstack clouds.yml file
+      template:
+        src: "templates/clouds.yaml.j2"
+        dest: ~/.config/openstack/clouds.yml
+        mode: '0644'
+    - block:
+      - name: Install python dependencies
+        become: yes
+        apt:
+          name:
+            - python3-pip
+            - python3-setuptools
+            - default-jdk-headless
+          state: present
+          update_cache: true
+      - name: Install community.kubernetes.k8s Ansible collection dependencies
+        pip:
+          name:
+            - ansible-core==2.13.5
+            - openshift==0.13.1
+            - pyyaml==6.0
+            # Major version of Python k8s libraty matches minor version of k8s.
+            - kubernetes~={{ k8s_version | regex_search("[^^.][0-9]+[^$]") ~ "0" }}
+          executable: pip3
+        become: yes
+      - name: Copy ansible-galaxy requirements file
+        copy:
+          src: operator-requirements.yml
+          dest: ~/requirements.yml
+          mode: '0444'
+      - name: Install ansible-galaxy collections
+        community.general.ansible_galaxy_install:
+          requirements_file: ~/requirements.yml
+          type: both

diff --git a/deployment/noheat/infra-openstack/ansible/destroy.yml b/deployment/noheat/infra-openstack/ansible/destroy.yml
index ff9d5fc..1564e30 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/destroy.yml
+++ b/deployment/noheat/infra-openstack/ansible/destroy.yml
@@ -8,6 +8,8 @@
       hosts: "{{ cluster.hosts }}"
     - role: destroy_hosts
       hosts: "{{ operation.hosts }}"
+    - role: destroy_hosts
+      hosts: "{{ openstack.hosts }}"
     - destroy_keypair
     - destroy_network
     - destroy_securitygroup

diff --git a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml
deleted file mode 120000 (symlink)
index e4e1e1f..0000000
--- a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml
+++ /dev/null
@@ -1 +0,0 @@
-all.yml.sample
\ No newline at end of file

diff --git a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample
index 1b03b06..541e152 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample
+++ b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample
@@ -18,9 +18,23 @@ securitygroup:
     - "192.168.1.0/24"
 
 image:
-  name: &image_name "Ubuntu_18.04"
+  name: &image_name "Ubuntu_20.04"
   user: "ubuntu"
 
+openstack:
+  name: "vnf0"
+  inventory: "~/inventory.ini"
+  hosts:
+    - name: "openstack0"
+      image: *image_name
+      flavor: "m1.large"
+      keypair: *keypair_name
+      network: *network_name
+      securitygroup: *securitygroup_name
+      boot_from_volume: true
+      terminate_volume: true
+      volume_size: 100
+
 operation:
   name: "operation0"
   inventory: "~/inventory.ini"

diff --git a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap
index cb5168c..9223ea5 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap
+++ b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap
@@ -14,9 +14,22 @@ securitygroup:
     - "192.168.1.0/24"
 
 image:
-  name: &image_name "Ubuntu_18.04"
+  name: &image_name "Ubuntu_20.04"
   user: "ubuntu"
 
+openstack:
+  name: "vnf0"
+  inventory: "~/inventory.ini"
+  hosts:
+    - name: "openstack0"
+      image: *image_name
+      flavor: "m1.xlarge"
+      keypair: *keypair_name
+      network: *network_name
+      auto_ip: false
+      securitygroup: *securitygroup_name
+      volume_size: 140
+
 operation:
   name: "operation0"
   inventory: "~/inventory.ini"

diff --git a/deployment/noheat/infra-openstack/ansible/group_vars/all/all.yml b/deployment/noheat/infra-openstack/ansible/group_vars/all/all.yml
new file mode 120000 (symlink)
index 0000000..8548398
--- /dev/null
+++ b/deployment/noheat/infra-openstack/ansible/group_vars/all/all.yml
@@ -0,0 +1 @@
+../all.yml.sample
\ No newline at end of file

diff --git a/deployment/noheat/infra-openstack/ansible/group_vars/all/openstack.yml b/deployment/noheat/infra-openstack/ansible/group_vars/all/openstack.yml
new file mode 100644 (file)
index 0000000..63ed1b0
--- /dev/null
+++ b/deployment/noheat/infra-openstack/ansible/group_vars/all/openstack.yml
@@ -0,0 +1,6 @@
+---
+openstack_username: "admin"
+openstack_domain: "Default"
+openstack_passwd: "secret"
+openstack_region: "RegionOne"
+openstack_tenant: "admin"

diff --git a/deployment/noheat/infra-openstack/ansible/operator-requirements.yml b/deployment/noheat/infra-openstack/ansible/operator-requirements.yml
new file mode 100644 (file)
index 0000000..08b7eee
--- /dev/null
+++ b/deployment/noheat/infra-openstack/ansible/operator-requirements.yml
@@ -0,0 +1,8 @@
+---
+collections:
+  - name: ansible.posix
+    version: 1.4.0
+  - name: kubernetes.core
+    version: 2.3.2
+  - name: community.general
+    version: 5.7.0

diff --git a/deployment/noheat/infra-openstack/ansible/roles/create_hosts/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/create_hosts/tasks/main.yml
index 731bca0..933b2f5 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/roles/create_hosts/tasks/main.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/create_hosts/tasks/main.yml
@@ -1,3 +1,5 @@
 ---
-- include: create_host.yml host={{ item }}
+- include_tasks: create_host.yml
   loop: "{{ hosts }}"
+  loop_control:
+    loop_var: host

diff --git a/deployment/noheat/infra-openstack/ansible/roles/create_keypair/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/create_keypair/tasks/main.yml
index a330875..8a7c720 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/roles/create_keypair/tasks/main.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/create_keypair/tasks/main.yml
@@ -5,11 +5,11 @@
   register: keypair
 
 - name: Create local public key
-  local_action:
-    module: copy
+  copy:
     content: "{{ keypair.key.public_key }}"
     dest: "~/.ssh/{{ keypair.key.name }}.pub"
     mode: 0600
+  delegate_to: localhost
 
 - name: Check if local private key exists
   stat:
@@ -17,9 +17,9 @@
   register: local_private_key
 
 - name: Create local private key
-  local_action:
-    module: copy
+  copy:
     content: "{{ keypair.key.private_key }}"
     dest: "~/.ssh/{{ keypair.key.name }}"
     mode: 0600
-  when: local_private_key.stat.exists == False
+  delegate_to: localhost
+  when: not local_private_key.stat.exists

diff --git a/deployment/noheat/infra-openstack/ansible/roles/create_network/tasks/create_network.yml b/deployment/noheat/infra-openstack/ansible/roles/create_network/tasks/create_network.yml
index 81d8caa..3e22ee6 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/roles/create_network/tasks/create_network.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/create_network/tasks/create_network.yml
@@ -15,6 +15,8 @@
     network_name: "{{ net.name }}"
     cidr: "{{ net.cidr }}"
     dns_nameservers: "{{ dns_ips if dns_ips is defined else omit }}"
+    allocation_pool_start: '{{ net.allocation_pool_start | default("") }}'
+    allocation_pool_end: '{{ net.allocation_pool_end | default ("") }}'
     state: present
 
 - name: "Create {{ net.name }} router"

diff --git a/deployment/noheat/infra-openstack/ansible/roles/create_network/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/create_network/tasks/main.yml
index 5e3ef67..cce6f79 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/roles/create_network/tasks/main.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/create_network/tasks/main.yml
@@ -1,4 +1,6 @@
 ---
-- include: create_network.yml net={{ item }}
+- include_tasks: create_network.yml
   loop:
     - "{{ network }}"
+  loop_control:
+    loop_var: net

diff --git a/deployment/noheat/infra-openstack/ansible/roles/create_securitygroup/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/create_securitygroup/tasks/main.yml
index d04b72c..8729880 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/roles/create_securitygroup/tasks/main.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/create_securitygroup/tasks/main.yml
@@ -1,5 +1,5 @@
 ---
-- include: create_securitygroup.yml
+- include_tasks: create_securitygroup.yml
   loop:
     - "{{ securitygroup }}"
   loop_control:

diff --git a/deployment/noheat/infra-openstack/ansible/roles/destroy_hosts/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/destroy_hosts/tasks/main.yml
index 5ce130d..1dd5c72 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/roles/destroy_hosts/tasks/main.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/destroy_hosts/tasks/main.yml
@@ -1,3 +1,5 @@
 ---
-- include: destroy_host.yml host={{ item }}
+- include_tasks: destroy_host.yml
   loop: "{{ hosts }}"
+  loop_control:
+    loop_var: host

diff --git a/deployment/noheat/infra-openstack/ansible/roles/destroy_network/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/destroy_network/tasks/main.yml
index e52dcbd..1d84ab6 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/roles/destroy_network/tasks/main.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/destroy_network/tasks/main.yml
@@ -1,4 +1,6 @@
 ---
-- include: destroy_network.yml net={{ item }}
+- include_tasks: destroy_network.yml
   loop:
     - "{{ network }}"
+  loop_control:
+    loop_var: net

diff --git a/deployment/noheat/infra-openstack/ansible/roles/destroy_securitygroup/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/destroy_securitygroup/tasks/main.yml
index de098af..8142e80 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/roles/destroy_securitygroup/tasks/main.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/destroy_securitygroup/tasks/main.yml
@@ -1,4 +1,6 @@
 ---
-- include: destroy_securitygroup.yml secgrp={{ item }}
+- include_tasks: destroy_securitygroup.yml
   loop:
     - "{{ securitygroup }}"
+  loop_control:
+    loop_var: secgrp

diff --git a/deployment/noheat/infra-openstack/ansible/templates/clouds.yaml.j2 b/deployment/noheat/infra-openstack/ansible/templates/clouds.yaml.j2
new file mode 100644 (file)
index 0000000..afbbc87
--- /dev/null
+++ b/deployment/noheat/infra-openstack/ansible/templates/clouds.yaml.j2
@@ -0,0 +1,11 @@
+clouds:
+  openstack:
+    auth:
+      auth_url: "https://{{ hostvars['localhost']['hosts_dict']['openstack0'] }}:5000/v3"
+      project_name: "{{ openstack_tenant }}""
+      username: "{{ openstack_username }}"
+      user_domain_name: "{{ openstack_domain }}"
+      password: "{{ openstack_passwd }}"
+    region_name: "{{ openstack_region }}"
+    interface: "public"
+    identity_api_version: 3

diff --git a/deployment/noheat/infra-openstack/ansible/templates/inventory.ini.j2 b/deployment/noheat/infra-openstack/ansible/templates/inventory.ini.j2
index 15bb7ca..79da2c6 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/templates/inventory.ini.j2
+++ b/deployment/noheat/infra-openstack/ansible/templates/inventory.ini.j2
@@ -3,6 +3,13 @@
 {{ item.key }} ansible_host={{ item.value }}
 {% endfor %}
 
+[openstack]
+{% for item in hosts %}
+{% if "openstack" in item.key %}
+{{ item.key }}
+{% endif %}
+{% endfor %}
+
 [operator]
 {% for item in hosts %}
 {% if "operator" in item.key %}

diff --git a/deployment/noheat/infra-openstack/ansible/templates/openstack.yml.j2 b/deployment/noheat/infra-openstack/ansible/templates/openstack.yml.j2
new file mode 100644 (file)
index 0000000..25233ab
--- /dev/null
+++ b/deployment/noheat/infra-openstack/ansible/templates/openstack.yml.j2
@@ -0,0 +1,5 @@
+---
+openstack_username: "{{ openstack_username }}"
+openstack_passwd: "{{ openstack_passwd }}"
+openstack_region: "{{ openstack_region }}"
+openstack_tenant: "{{ openstack_tenant }}"

diff --git a/deployment/noheat/infra-openstack/vagrant/Vagrantfile b/deployment/noheat/infra-openstack/vagrant/Vagrantfile
index 8acdf14..ed1a3d0 100644 (file)
--- a/deployment/noheat/infra-openstack/vagrant/Vagrantfile
+++ b/deployment/noheat/infra-openstack/vagrant/Vagrantfile
@@ -11,15 +11,15 @@ os_clouds_dir = "${HOME}/.config/openstack"
 os_clouds_config = "#{os_clouds_dir}/clouds.yaml"
 os_admin = "admin"
 os_user = "demo"
-image_url = "https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img"
-image_name = "Ubuntu_18.04"
+image_url = "https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img"
+image_name = "Ubuntu_20.04"
 
 vm_cpu = 1
 vm_cpus = 4
 vm_memory = 1 * 1024
 vm_memory_os = 8 * 1024
 vm_disk = 32
-vm_box = "generic/ubuntu1804"
+vm_box = "generic/ubuntu2004"
 
 operation = {
   name: 'operator',

diff --git a/deployment/noheat/requirements.txt b/deployment/noheat/requirements.txt
index dfa66f7..8ef36fc 100644 (file)
--- a/deployment/noheat/requirements.txt
+++ b/deployment/noheat/requirements.txt
@@ -1,3 +1,3 @@
-wheel==0.36.2
-openstacksdk==0.58.0
-ansible==2.9.24
+wheel==0.37.1
+openstacksdk==0.61.0
+ansible-core==2.13.5

diff --git a/deployment/noheat/requirements.yml b/deployment/noheat/requirements.yml
new file mode 100644 (file)
index 0000000..af82600
--- /dev/null
+++ b/deployment/noheat/requirements.yml
@@ -0,0 +1,10 @@
+---
+collections:
+  - name: ansible.posix
+    version: 1.4.0
+  - name: community.general
+    version: 5.7.0
+  - name: community.crypto
+    version: 2.7.0
+  - name: openstack.cloud
+    version: 1.10.0