user_variables and config script

src/deploy/setupDeploy.sh

+#!/bin/bash
+echo "CONFIGURANDO PROXY ..."
+sleep 1
+echo "http_proxy=http://10.0.1.1:3128" >> /etc/enviroment
+echo "https_proxy=http://10.0.1.1:3128" >> /etc/enviroment
+echo "HTTP_PROXY=http://10.0.1.1:3128" >> /etc/enviroment
+echo "HTTPS_PROXY=http://10.0.1.1:3128" >> /etc/enviroment
+for env in $( cat /etc/environment ); do export $(echo $env | sed -e 's/"//g'); done
+
+echo "ACTUALIZANDO CentOS 7..."
+yum upgrade -y
+
+echo "INSTALANDO RDO OSA QUEENS..."
+yum install -y https://rdoproject.org/repos/openstack-queens/rdo-release-queens.rpm
+
+echo "INSTALANDO HERRAMIENTAS..."
+yum install -y git ntp nano net-tools ntpdate openssh-server python-devel sudo '@Development Tools'
+
+echo "DESHABILITANDO FIREWALL"
+sleep 1
+systemctl stop firewalld
+systemctl mask firewalld
+
+echo "CONFIGURAR CHRONY MANUALMENTE!!!"
+sleep 1
+# nano /etc/chrony.conf
+# Sustituir por las líneas
+# server 0.south-america.pool.ntp.org
+# server 1.south-america.pool.ntp.org
+# server 2.south-america.pool.ntp.org
+# server 3.south-america.pool.ntp.org
+
+echo "CLANANDO REPOSITORIO GIT..."
+git clone -b 17.1.4 https://git.openstack.org/openstack/openstack-ansible /opt/openstack-ansible
+
+echo "EJECUTANDO BOOTSTRAP-ANSIBLE..."
+/opt/openstack-ansible/scripts/bootstrap-ansible.sh
+
+echo "GENERANDO CLAVES SSH..."
+ssh-keygen
+
+echo "COPIAR MANUALMENTE CLAVES SSH..."
+#ssh-copy-id root@10.0.1.11

src/deploy/user_variables.yml

+---
+# Copyright 2014, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+###
+### This file contains commonly used overrides for convenience. Please inspect
+### the defaults for each role to find additional override options.
+###
+
+## Debug and Verbose options.
+debug: false
+
+## Common Glance Overrides
+# Set glance_default_store to "swift" if using Cloud Files backend
+# or "rbd" if using ceph backend; the latter will trigger ceph to get
+# installed on glance. If using a file store, a shared file store is
+# recommended. See the OpenStack-Ansible install guide and the OpenStack
+# documentation for more details.
+# Note that "swift" is automatically set as the default back-end if there
+# are any swift hosts in the environment. Use this setting to override
+# this automation if you wish for a different default back-end.
+# glance_default_store: file
+
+## Ceph pool name for Glance to use
+# glance_rbd_store_pool: images
+# glance_rbd_store_chunk_size: 8
+
+## Common Nova Overrides
+# When nova_libvirt_images_rbd_pool is defined, ceph will be installed on nova
+# hosts.
+# nova_libvirt_images_rbd_pool: vms
+
+# If you wish to change the dhcp_domain configured for both nova and neutron
+# dhcp_domain: openstacklocal
+
+## Common Glance Overrides when using a Swift back-end
+# By default when 'glance_default_store' is set to 'swift' the playbooks will
+# expect to use the Swift back-end that is configured in the same inventory.
+# If the Swift back-end is not in the same inventory (ie it is already setup
+# through some other means) then these settings should be used.
+#
+# NOTE: Ensure that the auth version matches your authentication endpoint.
+#
+# NOTE: If the password for glance_swift_store_key contains a dollar sign ($),
+# it must be escaped with an additional dollar sign ($$), not a backslash. For
+# example, a password of "super$ecure" would need to be entered as
+# "super$$ecure" below.  See Launchpad Bug #1259729 for more details.
+#
+# glance_swift_store_auth_version: 3
+# glance_swift_store_auth_address: "https://some.auth.url.com"
+# glance_swift_store_user: "OPENSTACK_TENANT_ID:OPENSTACK_USER_NAME"
+# glance_swift_store_key: "OPENSTACK_USER_PASSWORD"
+# glance_swift_store_container: "NAME_OF_SWIFT_CONTAINER"
+# glance_swift_store_region: "NAME_OF_REGION"
+
+## Common Ceph Overrides
+# ceph_mons:
+#   - 10.16.5.40
+#   - 10.16.5.41
+#   - 10.16.5.42
+
+## Custom Ceph Configuration File (ceph.conf)
+# By default, your deployment host will connect to one of the mons defined above to
+# obtain a copy of your cluster's ceph.conf.  If you prefer, uncomment ceph_conf_file
+# and customise to avoid ceph.conf being copied from a mon.
+# ceph_conf_file: |
+#   [global]
+#   fsid = 00000000-1111-2222-3333-444444444444
+#   mon_initial_members = mon1.example.local,mon2.example.local,mon3.example.local
+#   mon_host = 10.16.5.40,10.16.5.41,10.16.5.42
+#   # optionally, you can use this construct to avoid defining this list twice:
+#   # mon_host = {{ ceph_mons|join(',') }}
+#   auth_cluster_required = cephx
+#   auth_service_required = cephx
+
+
+# By default, openstack-ansible configures all OpenStack services to talk to
+# RabbitMQ over encrypted connections on port 5671. To opt-out of this default,
+# set the rabbitmq_use_ssl variable to 'false'. The default setting of 'true'
+# is highly recommended for securing the contents of RabbitMQ messages.
+# rabbitmq_use_ssl: false
+
+# RabbitMQ management plugin is enabled by default, the guest user has been
+# removed for security reasons and a new userid 'monitoring' has been created
+# with the 'monitoring' user tag. In order to modify the userid, uncomment the
+# following and change 'monitoring' to your userid of choice.
+# rabbitmq_monitoring_userid: monitoring
+
+
+## Additional pinning generator that will allow for more packages to be pinned as you see fit.
+## All pins allow for package and versions to be defined. Be careful using this as versions
+## are always subject to change and updates regarding security will become your problem from this
+## point on. Pinning can be done based on a package version, release, or origin. Use "*" in the
+## package name to indicate that you want to pin all package to a particular constraint.
+# apt_pinned_packages:
+#   - { package: "lxc", version: "1.0.7-0ubuntu0.1" }
+#   - { package: "libvirt-bin", version: "1.2.2-0ubuntu13.1.9" }
+#   - { package: "rabbitmq-server", origin: "www.rabbitmq.com" }
+#   - { package: "*", release: "MariaDB" }
+
+
+## Environment variable settings
+# This allows users to specify the additional environment variables to be set
+# which is useful in setting where you working behind a proxy. If working behind
+# a proxy It's important to always specify the scheme as "http://". This is what
+# the underlying python libraries will handle best. This proxy information will be
+# placed both on the hosts and inside the containers.
+
+## Example environment variable setup:
+## This is used by apt-cacher-ng to download apt packages:
+proxy_env_url: http://10.0.1.1:3128/
+
+## (1) This sets up a permanent environment, used during and after deployment:
+no_proxy_env: "localhost,127.0.0.1,{{ internal_lb_vip_address }},{{ external_lb_vip_address }},{% for host in groups['all_containers'] %}{{ hostvars[host]['container_address'] }}{% if not loop.last %},{% endif %}{% endfor %}"
+global_environment_variables:
+    HTTP_PROXY: "{{ proxy_env_url }}"
+    HTTPS_PROXY: "{{ proxy_env_url }}"
+    NO_PROXY: "{{ no_proxy_env }}"
+    http_proxy: "{{ proxy_env_url }}"
+    https_proxy: "{{ proxy_env_url }}"
+    no_proxy: "{{ no_proxy_env }}"
+#
+## (2) This is applied only during deployment, nothing is left after deployment is complete:
+deployment_environment_variables:
+    http_proxy: "{{ proxy_env_url }}"
+    https_proxy: "{{ proxy_env_url }}"
+    no_proxy: "localhost,127.0.0.1,{{ internal_lb_vip_address }},{{ external_lb_vip_address }},{% for host in groups['keystone_all'] %}{{ hostvars[host]['container_address'] }}{% if not loop.last %},{% endif %}{% endfor %}"
+
+
+## SSH connection wait time
+# If an increased delay for the ssh connection check is desired,
+# uncomment this variable and set it appropriately.
+#ssh_delay: 5
+
+
+## HAProxy and keepalived
+# All the previous variables are used inside a var, in the group vars.
+# You can override the current keepalived definition (see
+# group_vars/all/keepalived.yml) in your user space if necessary.
+#
+# Uncomment this to disable keepalived installation (cf. documentation)
+# haproxy_use_keepalived: False
+#
+# HAProxy Keepalived configuration (cf. documentation)
+# Make sure that this is set correctly according to the CIDR used for your
+# internal and external addresses.
+# haproxy_keepalived_external_vip_cidr: "{{external_lb_vip_address}}/32"
+# haproxy_keepalived_internal_vip_cidr: "{{internal_lb_vip_address}}/32"
+# haproxy_keepalived_external_interface:
+# haproxy_keepalived_internal_interface:
+
+# Defines the default VRRP id used for keepalived with haproxy.
+# Overwrite it to your value to make sure you don't overlap
+# with existing VRRPs id on your network. Default is 10 for the external and 11 for the
+# internal VRRPs
+# haproxy_keepalived_external_virtual_router_id:
+# haproxy_keepalived_internal_virtual_router_id:
+
+# Defines the VRRP master/backup priority. Defaults respectively to 100 and 20
+# haproxy_keepalived_priority_master:
+# haproxy_keepalived_priority_backup:
+
+# Keepalived default IP address used to check its alive status (IPv4 only)
+# keepalived_ping_address: "193.0.14.129"
+
+
+# Variables para usar HTTPS
+openstack_service_publicuri_proto: https
+openstack_service_adminuri_proto: https
+openstack_service_internaluri_proto: https
\ No newline at end of file