# Author: Antonio Marsico (antonio.marsico@bt.com)
- name: Looking for the OpenStack external network
- os_networks_info:
+ openstack.cloud.networks_info:
cloud: "{{ cloud_name }}"
filters:
name: "{{ external_network_name }}"
verbosity: 2
- name: Gather information about previously created subnets
- os_subnets_info:
+ openstack.cloud.subnets_info:
cloud: "{{ cloud_name }}"
name: "{{ openstack_external_networks.openstack_networks[0].subnets[0] }}"
register: subnet_info
cidr: "{{ subnet_info.openstack_subnets[0].cidr }}"
- name: Creating a new openstack flavor
- os_nova_flavor:
+ openstack.cloud.compute_flavor:
cloud: "{{ cloud_name }}"
state: present
name: "{{os_flavor.name}}"
disk: "{{os_flavor.disk}}"
- name: Gather information about OpenStack images
- os_image_info:
+ openstack.cloud.image_info:
cloud: "{{ cloud_name }}"
image: "{{ item.image }}"
with_items: "{{ servers }}"
when: item.1.openstack_image == none and item.0.image == item.1.item.image
- name: Creating images
- os_image:
+ openstack.cloud.image:
cloud: "{{ cloud_name }}"
name: "{{ item.0.image }}"
container_format: bare
with_items: "{{ servers }}"
- name: Creating a security group
- os_security_group:
+ openstack.cloud.security_group:
cloud: "{{ cloud_name }}"
state: present
name: "{{external_network_name}}_access"
description: Security group for LAN external access
- name: Creating ICMP rule
- os_security_group_rule:
+ openstack.cloud.security_group_rule:
cloud: "{{ cloud_name }}"
security_group: "{{external_network_name}}_access"
protocol: icmp
remote_ip_prefix: 0.0.0.0/0
- name: Creating TCP access rule
- os_security_group_rule:
+ openstack.cloud.security_group_rule:
cloud: "{{ cloud_name }}"
security_group: "{{external_network_name}}_access"
protocol: tcp
remote_ip_prefix: "{{ cidr }}"
+- name: Allow HTTP from anywhere
+ openstack.cloud.security_group_rule:
+ cloud: "{{ cloud_name }}"
+ security_group: "{{external_network_name}}_access"
+ protocol: tcp
+ port_range_min: 80
+ port_range_max: 80
+ remote_ip_prefix: 0.0.0.0/0
+
+- name: Allow SSH from anywhere
+ openstack.cloud.security_group_rule:
+ cloud: "{{ cloud_name }}"
+ security_group: "{{external_network_name}}_access"
+ protocol: tcp
+ port_range_min: 22
+ port_range_max: 22
+ remote_ip_prefix: 0.0.0.0/0
+
- name: SSH key check
- os_keypair:
+ openstack.cloud.keypair:
cloud: "{{ cloud_name }}"
state: present
name: "{{ os_key_name }}"
+ public_key_file: "{{ key_file }}"
register: keypair
- debug:
content: "{{ keypair.key.public_key }}"
dest: "~/.ssh/{{ keypair.key.name }}.pub"
mode: '600'
- when: keypair.key.public_key is not none
+ when: keypair.key.public_key != none and key_file == none
- name: Creating the new ansible private key
local_action:
content: "{{ keypair.key.private_key }}"
dest: "~/.ssh/{{ keypair.key.name }}"
mode: '600'
- when: keypair.key.private_key is not none
\ No newline at end of file
+ when: keypair.key.private_key != none and key_file == none
\ No newline at end of file