CORD-1151
Make cord_dir and cord_profile_dir local to config node
use head_* and config_* prefixes to avoid hardcoding paths
config-side ssh key generation+
fix frontend & mock builds
[build] group in inventory
fix inventory strangeness
raise privs when creating ssh_pki_dir
move admin-openrc.sh.j2 to cord-profile
add copy-cord-playbook.yml, clarify where it runs
fix paths for head_cord_profile_dir with mock/frontend
use /opt/cord_profile/admin-openrc.sh rather than ~/admin-openrc.sh
install pki
make comment in do-enlist-compute-node accurate, set correct interface
remove hardcoded credential path
logging and ssh key fixes
Change-Id: Ie7560c911dce1558e09806c9997884dfbd475e9c
diff --git a/roles/cord-profile/templates/admin-openrc.sh.j2 b/roles/cord-profile/templates/admin-openrc.sh.j2
new file mode 100644
index 0000000..86eb230
--- /dev/null
+++ b/roles/cord-profile/templates/admin-openrc.sh.j2
@@ -0,0 +1,6 @@
+export OS_USERNAME=admin
+export OS_PASSWORD={{ keystone_admin_password }}
+export OS_TENANT_NAME=admin
+export OS_AUTH_URL=https://keystone.{{ site_suffix }}:5000/v2.0
+export OS_REGION_NAME=RegionOne
+export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
diff --git a/roles/cord-profile/templates/docker-compose.yml.j2 b/roles/cord-profile/templates/docker-compose.yml.j2
index 29fa893..b64e837 100644
--- a/roles/cord-profile/templates/docker-compose.yml.j2
+++ b/roles/cord-profile/templates/docker-compose.yml.j2
@@ -1,7 +1,7 @@
version: '2'
# XOS docker compose
-# generated by platform-install/roles/cord-profile
+# generated by cord-profile/templates/docker-compose.yml.j2
networks:
{% for network in xos_docker_networks %}
@@ -94,8 +94,8 @@
- xos_ws
- xos_chameleon
volumes:
- - {{ cord_profile_dir }}/style.config.js:/var/www/dist/style.config.js
- - {{ cord_profile_dir }}/app.config.js:/var/www/dist/app.config.js
+ - {{ head_cord_profile_dir }}/style.config.js:/var/www/dist/style.config.js
+ - {{ head_cord_profile_dir }}/app.config.js:/var/www/dist/app.config.js
volumes_from:
- gui_extensions_store
logging:
@@ -171,7 +171,7 @@
- xos_redis
{% endif %}
volumes:
- - {{ cord_profile_dir }}/gateway-config.yml:/var/www/src/config/gateway-config.yml
+ - {{ head_cord_profile_dir }}/gateway-config.yml:/var/www/src/config/gateway-config.yml
logging:
driver: "json-file"
options:
@@ -204,11 +204,11 @@
- xos_redis
{% endif %}
volumes:
- - {{ cord_profile_dir }}/xos_common_config:/opt/xos/xos_configuration/xos_common_config:ro
- - {{ cord_profile_dir }}/xos_config.yaml:/opt/xos/xos_config.yaml:ro
- - {{ cord_profile_dir }}:/opt/cord_profile:ro
- - {{ cord_dir }}/orchestration/xos_libraries/ng-xos-lib:/opt/xos_libraries/ng-xos-lib:ro
- - {{ cord_profile_dir }}/im_cert_chain.pem:/usr/local/share/ca-certificates/local_certs.crt:ro
+ - {{ head_cord_profile_dir }}/xos_common_config:/opt/xos/xos_configuration/xos_common_config:ro
+ - {{ head_cord_profile_dir }}/xos_config.yaml:/opt/xos/xos_config.yaml:ro
+ - {{ head_cord_profile_dir }}:/opt/cord_profile:ro
+ - {{ head_cord_dir }}/orchestration/xos_libraries/ng-xos-lib:/opt/xos_libraries/ng-xos-lib:ro
+ - {{ head_cord_profile_dir }}/im_cert_chain.pem:/usr/local/share/ca-certificates/local_certs.crt:ro
logging:
driver: "json-file"
options:
@@ -243,11 +243,11 @@
- xos_redis
{% endif %}
volumes:
- - {{ cord_profile_dir }}/xos_common_config:/opt/xos/xos_configuration/xos_common_config:ro
- - {{ cord_profile_dir }}/xos_config.yaml:/opt/xos/xos_config.yaml:ro
- - {{ cord_profile_dir }}:/opt/cord_profile:ro
- - {{ cord_dir }}/orchestration/xos_libraries/ng-xos-lib:/opt/xos_libraries/ng-xos-lib:ro
- - {{ cord_profile_dir }}/im_cert_chain.pem:/usr/local/share/ca-certificates/local_certs.crt:ro
+ - {{ head_cord_profile_dir }}/xos_common_config:/opt/xos/xos_configuration/xos_common_config:ro
+ - {{ head_cord_profile_dir }}/xos_config.yaml:/opt/xos/xos_config.yaml:ro
+ - {{ head_cord_profile_dir }}:/opt/cord_profile:ro
+ - {{ head_cord_dir }}/orchestration/xos_libraries/ng-xos-lib:/opt/xos_libraries/ng-xos-lib:ro
+ - {{ head_cord_profile_dir }}/im_cert_chain.pem:/usr/local/share/ca-certificates/local_certs.crt:ro
- /var/run/docker.sock:/var/run/docker.sock
logging:
driver: "json-file"
@@ -280,7 +280,7 @@
{% if not frontend_only %}
{% for svc in xos_services %}
-{% if svc.synchronizer is defined and svc.synchronizer %}
+{% if svc.synchronizer is not defined or svc.synchronizer %}
{{ svc.name }}-synchronizer:
image: {{ deploy_docker_registry }}xosproject/{{ svc.name }}-synchronizer:{{ deploy_docker_tag }}
networks:
@@ -298,14 +298,14 @@
- xos_redis:redis
{% endif %}
volumes:
- - {{ cord_profile_dir }}/node_key:/opt/cord_profile/node_key:ro
- - {{ cord_dir }}/build/platform-install/credentials/xosadmin@opencord.org:/opt/xos/services/{{ svc.name }}/credentials/xosadmin@opencord.org:ro
- - {{ cord_profile_dir }}/im_cert_chain.pem:/usr/local/share/ca-certificates/local_certs.crt:ro
+ - {{ head_cord_profile_dir }}/node_key:/opt/cord_profile/node_key:ro
+ - /opt/credentials:/opt/xos/services/{{ svc.name }}/credentials:ro
+ - {{ head_cord_profile_dir }}/im_cert_chain.pem:/usr/local/share/ca-certificates/local_certs.crt:ro
{% if svc.keypair is defined %}
- - {{ cord_profile_dir }}/key_import/{{ svc.keypair }}:/opt/xos/services/{{ svc.name }}/keys/{{ svc.keypair }}:ro
+ - {{ head_cord_profile_dir }}/key_import/{{ svc.keypair }}:/opt/xos/services/{{ svc.name }}/keys/{{ svc.keypair }}:ro
{% endif %}
{% if svc.name == "openstack" %}
- - {{ cord_profile_dir }}/images:/opt/xos/images:ro
+ - {{ head_cord_profile_dir }}/images:/opt/xos/images:ro
{% endif %}
logging:
driver: "json-file"
diff --git a/roles/cord-profile/templates/xos-bootstrap-docker-compose.yaml.j2 b/roles/cord-profile/templates/xos-bootstrap-docker-compose.yaml.j2
deleted file mode 100644
index 06c20d2..0000000
--- a/roles/cord-profile/templates/xos-bootstrap-docker-compose.yaml.j2
+++ /dev/null
@@ -1,104 +0,0 @@
-version: '2'
-
-# XOS bootstrap docker compose
-# generated by platform-install/roles/cord-profile
-
-networks:
-{% for network in xos_docker_networks %}
- {{ network }}:
- external: true
-{% endfor %}
-
-services:
- xos_db:
- image: {{ deploy_docker_registry }}xosproject/xos-postgres:{{ deploy_docker_tag }}
- networks:
-{% for network in xos_docker_networks %}
- - {{ network }}
-{% endfor %}
- expose:
- - "5432"
-
-{% if use_redis %}
- xos_redis:
- image: {{ deploy_docker_registry }}redis:{{ deploy_docker_tag }}
- networks:
-{% for network in xos_docker_networks %}
- - {{ network }}
-{% endfor %}
- logging:
- driver: "json-file"
- options:
- max-size: "1000k"
- max-file: "5"
-{% endif %}
-
- xos_bootstrap_ui:
- image: {{ deploy_docker_registry }}xosproject/xos:{{ deploy_docker_tag }}
- command: python /opt/xos/manage.py runserver 0.0.0.0:{{ xos_bootstrap_ui_port }} --insecure --makemigrations
- networks:
-{% for network in xos_docker_networks %}
- - {{ network }}
-{% endfor %}
- labels:
- org.xosproject.kind: userinterface
- org.xosproject.target: bootstrap
- links:
- - xos_db
-{% if use_redis %}
- - xos_redis:redis
-{% endif %}
- volumes:
- - .:/opt/cord_profile:ro
- - ./xos_common_config:/opt/xos/xos_configuration/xos_common_config:ro
-{% for service in xos_services %}
- - {{ cord_dir }}/{{ service.path }}:/opt/xos_services/{{ service.path | basename }}:ro
-{% endfor %}
-{% for library in xos_libraries %}
- - {{ cord_dir }}/orchestration/xos_libraries/{{ library }}:/opt/xos_libraries/{{ library }}:ro
-{% endfor %}
-{% for volume in xos_docker_volumes %}
- - {{ volume.host }}:{{ volume.container }}{{ ":rw" if (volume.read_only is defined and not volume.read_only ) else ":ro" }}
-{% endfor %}
- ports:
- - "{{ xos_bootstrap_ui_port }}:{{ xos_bootstrap_ui_port }}"
- logging:
- driver: "json-file"
- options:
- max-size: "1000k"
- max-file: "5"
- depends_on:
- - xos_db
-{% if use_redis %}
- - xos_redis
-{% endif %}
-
- xos_synchronizer_onboarding:
- image: {{ deploy_docker_registry }}xosproject/xos:{{ deploy_docker_tag }}
- command: bash -c "cd /opt/xos/synchronizers/onboarding; ./run.sh"
- networks:
-{% for network in xos_docker_networks %}
- - {{ network }}
-{% endfor %}
- labels:
- org.xosproject.kind: synchronizer
- org.xosproject.target: onboarding
- links:
- - xos_db
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- - ./key_import:/opt/xos/key_import:ro
- - ./onboarding-docker-compose:/opt/xos/synchronizers/onboarding/docker-compose
-{% for service in xos_services %}
- - {{ cord_dir }}/{{ service.path }}:/opt/xos_services/{{ service.path | basename }}:ro
-{% endfor %}
-{% for library in xos_libraries %}
- - {{ cord_dir }}/orchestration/xos_libraries/{{ library }}:/opt/xos_libraries/{{ library }}:ro
-{% endfor %}
- logging:
- driver: "json-file"
- options:
- max-size: "1000k"
- max-file: "5"
- depends_on:
- - xos_db
diff --git a/roles/cord-profile/templates/xos.yaml.j2 b/roles/cord-profile/templates/xos.yaml.j2
index 4bd792f..553f9b1 100644
--- a/roles/cord-profile/templates/xos.yaml.j2
+++ b/roles/cord-profile/templates/xos.yaml.j2
@@ -11,4 +11,3 @@
xos:
type: tosca.nodes.XOS
-
diff --git a/roles/cord-profile/templates/xos_common_config.j2 b/roles/cord-profile/templates/xos_common_config.j2
index 175be92..ba67acd 100644
--- a/roles/cord-profile/templates/xos_common_config.j2
+++ b/roles/cord-profile/templates/xos_common_config.j2
@@ -41,7 +41,7 @@
dependency_graph=/opt/xos/model-deps
logfile=/var/log/xos_backend.log
save_ansible_output=True
-node_key={{ cord_profile_dir }}/node_key
+node_key={{ head_cord_profile_dir }}/node_key
[gui]
disable_minidashboard={{ disable_minidashboard }}