X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=installers%2Fopenstack%2Froles%2Fsetup_openstack%2Ftasks%2Fmain.yml;h=fcf4f3e08ec215fc3886e3836722eb6ff83f5445;hb=75a38c73867914a576062a3b50d5c80ace795f6c;hp=8c729dfab268d48b7eb64749665d039991234906;hpb=ccfacbbb3d3bd025f48f2a1434e0b6bdeae64ead;p=osm%2Fdevops.git diff --git a/installers/openstack/roles/setup_openstack/tasks/main.yml b/installers/openstack/roles/setup_openstack/tasks/main.yml index 8c729dfa..fcf4f3e0 100644 --- a/installers/openstack/roles/setup_openstack/tasks/main.yml +++ b/installers/openstack/roles/setup_openstack/tasks/main.yml @@ -15,7 +15,7 @@ # Author: Antonio Marsico (antonio.marsico@bt.com) - name: Looking for the OpenStack external network - os_networks_info: + openstack.cloud.networks_info: cloud: "{{ cloud_name }}" filters: name: "{{ external_network_name }}" @@ -27,7 +27,7 @@ verbosity: 2 - name: Gather information about previously created subnets - os_subnets_info: + openstack.cloud.subnets_info: cloud: "{{ cloud_name }}" name: "{{ openstack_external_networks.openstack_networks[0].subnets[0] }}" register: subnet_info @@ -41,7 +41,7 @@ cidr: "{{ subnet_info.openstack_subnets[0].cidr }}" - name: Creating a new openstack flavor - os_nova_flavor: + openstack.cloud.compute_flavor: cloud: "{{ cloud_name }}" state: present name: "{{os_flavor.name}}" @@ -50,7 +50,7 @@ disk: "{{os_flavor.disk}}" - name: Gather information about OpenStack images - os_image_info: + openstack.cloud.image_info: cloud: "{{ cloud_name }}" image: "{{ item.image }}" with_items: "{{ servers }}" @@ -74,7 +74,7 @@ when: item.1.openstack_image == none and item.0.image == item.1.item.image - name: Creating images - os_image: + openstack.cloud.image: cloud: "{{ cloud_name }}" name: "{{ item.0.image }}" container_format: bare @@ -91,31 +91,50 @@ with_items: "{{ servers }}" - name: Creating a security group - os_security_group: + openstack.cloud.security_group: cloud: "{{ cloud_name }}" state: present name: "{{external_network_name}}_access" description: Security group for LAN external access - name: Creating ICMP rule - os_security_group_rule: + openstack.cloud.security_group_rule: cloud: "{{ cloud_name }}" security_group: "{{external_network_name}}_access" protocol: icmp remote_ip_prefix: 0.0.0.0/0 - name: Creating TCP access rule - os_security_group_rule: + openstack.cloud.security_group_rule: cloud: "{{ cloud_name }}" security_group: "{{external_network_name}}_access" protocol: tcp remote_ip_prefix: "{{ cidr }}" +- name: Allow HTTP from anywhere + openstack.cloud.security_group_rule: + cloud: "{{ cloud_name }}" + security_group: "{{external_network_name}}_access" + protocol: tcp + port_range_min: 80 + port_range_max: 80 + remote_ip_prefix: 0.0.0.0/0 + +- name: Allow SSH from anywhere + openstack.cloud.security_group_rule: + cloud: "{{ cloud_name }}" + security_group: "{{external_network_name}}_access" + protocol: tcp + port_range_min: 22 + port_range_max: 22 + remote_ip_prefix: 0.0.0.0/0 + - name: SSH key check - os_keypair: + openstack.cloud.keypair: cloud: "{{ cloud_name }}" state: present name: "{{ os_key_name }}" + public_key_file: "{{ key_file }}" register: keypair - debug: @@ -128,7 +147,7 @@ content: "{{ keypair.key.public_key }}" dest: "~/.ssh/{{ keypair.key.name }}.pub" mode: '600' - when: keypair.key.public_key is not none + when: keypair.key.public_key != none and key_file == none - name: Creating the new ansible private key local_action: @@ -136,4 +155,4 @@ content: "{{ keypair.key.private_key }}" dest: "~/.ssh/{{ keypair.key.name }}" mode: '600' - when: keypair.key.private_key is not none \ No newline at end of file + when: keypair.key.private_key != none and key_file == none \ No newline at end of file