Merge pull request #8 from merizrizal/refactoring

refactor: Now configure_service is converted to roles in common

Author: merizrizal

ansible/deploy_openstack/inventories/local/group_vars/controller/secret.yml

@@ -6,3 +6,4 @@ os_glance_password: vagrant
 placement_password: vagrant
 nova_password: vagrant
 neutron_password: vagrant
+octavia_password: vagrant

ansible/deploy_openstack/playbook_setup_octavia.yml

@@ -0,0 +1,8 @@
+---
+- name: Deploy and setup OpenStack Octavia on controller node
+  hosts: controller
+  become: true
+  vars_files:
+    - "{{ root_dir ~ '/inventories/' ~ target_env ~ '/nodes.yml' }}"
+  roles:
+    - role: octavia

ansible/deploy_openstack/roles/cinder_controller/tasks/configure_service.yml

@@ -15,9 +15,20 @@
       - cinder-scheduler
     state: present
 
-- name: Configure service
-  ansible.builtin.include_tasks:
-    file: configure_service.yml
+- name: Configure Cinder service
+  ansible.builtin.include_role:
+    name: common
+    tasks_from: configure_service
+  vars:
+    component: cinder
+    os_component_password: "{{ os_cinder_password }}"
+    user_roles:
+      - admin
+      - service
+    service_name: volumev3
+    service_description: OpenStack Block Storage
+    endpoint_url: http://{{ controller01_host_addr }}:8776/v3
+    endpoint_url_suffix: /%\(project_id\)s
 
 - name: Set facts
   ansible.builtin.set_fact:

ansible/deploy_openstack/roles/cinder_controller/tasks/main.yml

@@ -0,0 +1,67 @@
+---
+- name: Create user and its roles
+  ansible.builtin.include_tasks:
+    file: create_user_and_roles.yml
+  vars:
+    os_component:
+      name: "{{ component }}"
+      password: "{{ os_component_password }}"
+    user_role_list: "{{ user_roles }}"
+
+- name: Create service
+  ansible.builtin.include_tasks:
+    file: create_service.yml
+  vars:
+    os_component_name: "{{ component }}"
+    service:
+      name: "{{ service_name }}"
+      description: "{{ service_description }}"
+
+- name: Check endpoint_url_suffix and append to endpoint_url when defined
+  ansible.builtin.set_fact:
+    service_endpoint_url: "{{ endpoint_url ~ (endpoint_url_suffix | default('')) }}"
+
+- name: Check public component service API endpoints
+  ansible.builtin.shell:
+    cmd: |
+      set -o pipefail #
+      openstack endpoint list | grep -E 'RegionOne.*.{{ component }}.*.{{ service_name }}.*.public.*.{{ endpoint_url }}' || true
+    executable: /bin/bash
+  register: public_endpoint
+  changed_when: false
+
+- name: Create public component service API endpoints
+  ansible.builtin.command:
+    cmd: openstack endpoint create --region RegionOne {{ service_name }} public {{ service_endpoint_url }}
+  when: public_endpoint.stdout is defined and public_endpoint.stdout == ""
+  changed_when: true
+
+- name: Check internal component service API endpoints
+  ansible.builtin.shell:
+    cmd: |
+      set -o pipefail #
+      openstack endpoint list | grep -E 'RegionOne.*.{{ component }}.*.{{ service_name }}.*.internal.*.{{ endpoint_url }}' || true
+    executable: /bin/bash
+  register: internal_endpoint
+  changed_when: false
+
+- name: Create internal component service API endpoints
+  ansible.builtin.command:
+    cmd: openstack endpoint create --region RegionOne {{ service_name }} internal {{ service_endpoint_url }}
+  when: internal_endpoint.stdout is defined and internal_endpoint.stdout == ""
+  changed_when: true
+
+- name: Check admin component service API endpoints
+  ansible.builtin.shell:
+    cmd: |
+      set -o pipefail #
+      openstack endpoint list | grep -E 'RegionOne.*.{{ component }}.*.{{ service_name }}.*.admin.*.{{ endpoint_url }}' || true
+    executable: /bin/bash
+  register: admin_endpoint
+  changed_when: false
+
+- name: Create admin component service API endpoints
+  ansible.builtin.command:
+    cmd: openstack endpoint create --region RegionOne {{ service_name }} admin {{ service_endpoint_url }}
+  when: admin_endpoint.stdout is defined and admin_endpoint.stdout == ""
+  changed_when: true

ansible/deploy_openstack/roles/common/tasks/configure_service.yml

@@ -0,0 +1,13 @@
+---
+- name: Check service entity for the component
+  ansible.builtin.shell:
+    cmd: openstack service show {{ service.name }} || true
+    executable: /bin/bash
+  register: service_component
+  changed_when: false
+
+- name: Create the component service entity
+  ansible.builtin.command:
+    cmd: openstack service create --name {{ os_component_name }} --description "{{ service.description }}" {{ service.name }}
+  when: service_component.stderr is defined and "No service with a type, name or ID" in service_component.stderr
+  changed_when: true

ansible/deploy_openstack/roles/common/tasks/create_service.yml

@@ -0,0 +1,13 @@
+---
+- name: Create the component user
+  ansible.builtin.command:
+    cmd: openstack user create --domain default --password '{{ os_component.password }}' {{ os_component.name }}
+  register: create_component_user
+  changed_when: create_component_user.stdout is defined and "password_expires_at" in create_component_user.stdout
+  failed_when: create_component_user.rc != 0 and "ConflictException" not in create_component_user.stderr
+
+- name: Add the certain role to the component user and service project
+  ansible.builtin.command:
+    cmd: openstack role add --project service --user {{ os_component.name }} {{ item }}
+  changed_when: false
+  loop: "{{ user_role_list }}"

ansible/deploy_openstack/roles/common/tasks/create_user_and_roles.yml

@@ -8,9 +8,18 @@
     db_user: glance
     db_password: "{{ glance_password }}"
 
-- name: Configure service
-  ansible.builtin.include_tasks:
-    file: configure_service.yml
+- name: Configure Glance service
+  ansible.builtin.include_role:
+    name: common
+    tasks_from: configure_service
+  vars:
+    component: glance
+    os_component_password: "{{ os_glance_password }}"
+    user_roles:
+      - admin
+    service_name: image
+    service_description: OpenStack Image
+    endpoint_url: http://{{ controller01_host_addr }}:9292
 
 - name: Install Glance package
   ansible.builtin.package: