roles/openstack_helm_nova/tasks/main.yml

# Copyright (c) 2022 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

- name: Generate OpenStack-Helm endpoints
  ansible.builtin.include_role:
    name: openstack_helm_endpoints
  vars:
    openstack_helm_endpoints_repo_name: openstack-helm
    openstack_helm_endpoints_repo_url: https://tarballs.opendev.org/openstack/openstack-helm/
    openstack_helm_endpoints_chart: nova

- name: Generate public key for SSH private key
  become: false
  delegate_to: localhost
  block:
    - name: Generate temporary file for SSH public key
      changed_when: false
      ansible.builtin.tempfile:
        state: file
        prefix: nova_ssh_key_
      register: _nova_ssh_key_tempfile
    # NOTE(mnaser): It's important to add a trailing newline at the end of this
    #               string or else `ssh-keygen` will not be happy.`
    - name: Write contents of current private SSH key
      changed_when: false
      ansible.builtin.copy:
        dest: "{{ _nova_ssh_key_tempfile.path }}"
        content: "{{ openstack_helm_nova_ssh_key }}\n"
        mode: "0600"
    - name: Generate public key for SSH private key
      changed_when: false
      community.crypto.openssh_keypair:
        path: "{{ _nova_ssh_key_tempfile.path }}"
        regenerate: never
      register: _nova_ssh_publickey
  always:
    - name: Delete temporary file for public SSH key
      changed_when: false
      ansible.builtin.file:
        path: "{{ _nova_ssh_key_tempfile.path }}"
        state: absent

- name: Deploy Helm chart
  kubernetes.core.k8s:
    state: present
    definition:
      - apiVersion: source.toolkit.fluxcd.io/v1beta2
        kind: HelmRepository
        metadata:
          name: openstack-helm
          namespace: openstack
        spec:
          interval: 60s
          url: https://tarballs.opendev.org/openstack/openstack-helm/

      - apiVersion: v1
        kind: Secret
        metadata:
          name: atmosphere-nova
          namespace: openstack
        stringData:
          values.yaml: "{{ _openstack_helm_nova_values | to_nice_yaml }}"

      - apiVersion: helm.toolkit.fluxcd.io/v2beta1
        kind: HelmRelease
        metadata:
          name: nova
          namespace: openstack
        spec:
          interval: 60s
          chart:
            spec:
              chart: nova
              version: 0.2.32
              sourceRef:
                kind: HelmRepository
                name: openstack-helm
          install:
            disableWait: true
          upgrade:
            disableWait: true
          valuesFrom:
            - kind: Secret
              name: atmosphere-nova
            - kind: Secret
              name: percona-xtradb
              valuesKey: root
              targetPath: endpoints.oslo_db.auth.admin.password
            - kind: Secret
              name: percona-xtradb
              valuesKey: root
              targetPath: endpoints.oslo_db_api.auth.admin.password
            - kind: Secret
              name: percona-xtradb
              valuesKey: root
              targetPath: endpoints.oslo_db_cell0.auth.admin.password
            - kind: Secret
              name: rabbitmq-nova-default-user
              valuesKey: username
              targetPath: endpoints.oslo_messaging.auth.admin.username
            - kind: Secret
              name: rabbitmq-nova-default-user
              valuesKey: password
              targetPath: endpoints.oslo_messaging.auth.admin.password

- name: Create Ingress
  ansible.builtin.include_role:
    name: openstack_helm_ingress
  vars:
    openstack_helm_ingress_endpoint: compute
    openstack_helm_ingress_service_name: nova-api
    openstack_helm_ingress_service_port: 8774
    openstack_helm_ingress_annotations: "{{ openstack_helm_nova_ingress_annotations }}"

- name: Create Ingress
  ansible.builtin.include_role:
    name: openstack_helm_ingress
  vars:
    openstack_helm_ingress_endpoint: compute_novnc_proxy
    openstack_helm_ingress_service_name: nova-novncproxy
    openstack_helm_ingress_service_port: 6080
    openstack_helm_ingress_annotations: "{{ openstack_helm_nova_ingress_annotations }}"

- name: Create flavors
  when: openstack_helm_nova_flavors | length > 0
  block:
    - name: Wait until compute api service ready
      kubernetes.core.k8s_info:
        api_version: apps/v1
        kind: Deployment
        name: nova-api-osapi
        namespace: openstack
        wait_sleep: 10
        wait_timeout: 600
        wait: true
        wait_condition:
          type: Available
          status: true

    - name: Create flavors
      openstack.cloud.compute_flavor:
        cloud: atmosphere
        # Flavor settings
        flavorid: "{{ item.flavorid | default(omit) }}"
        name: "{{ item.name }}"
        vcpus: "{{ item.vcpus }}"
        ram: "{{ item.ram }}"
        disk: "{{ item.disk | default(omit) }}"
        ephemeral: "{{ item.ephemeral | default(omit) }}"
        swap: "{{ item.swap | default(omit) }}"
        is_public: "{{ item.is_public | default(omit) }}"
        rxtx_factor: "{{ item.rxtx_factor | default(omit) }}"
        extra_specs: "{{ item.extra_specs | default(omit) }}"
      loop: "{{ openstack_helm_nova_flavors }}"