Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / 593ec01d863f881ec3e242e7fe1a593b083de5e4 / . / roles / neutron / tasks / main.yml
blob: 5853b31f149266b3ea93a5b52613c8ff10b1fb9f [file] [log] [blame]
Mohammed Naserb7b97d62022-03-12 16:30:00 -0500[diff] [blame]1# Copyright (c) 2022 VEXXHOST, Inc.
2#
3# Licensed under the Apache License, Version 2.0 (the "License"); you may
4# not use this file except in compliance with the License. You may obtain
5# a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12# License for the specific language governing permissions and limitations
13# under the License.
14
guilhermesteinmuller6f6bf702023-01-24 19:00:19 +0000[diff] [blame]15- name: Uninstall the legacy HelmRelease
16 run_once: true
17 block:
18 - name: Suspend the existing HelmRelease
Mohammed Naserf0314a82023-04-11 18:53:30 +0000[diff] [blame]19 failed_when: false
guilhermesteinmuller6f6bf702023-01-24 19:00:19 +0000[diff] [blame]20 kubernetes.core.k8s:
21 state: patched
22 api_version: helm.toolkit.fluxcd.io/v2beta1
23 kind: HelmRelease
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]24 name: "{{ neutron_helm_release_name }}"
25 namespace: "{{ neutron_helm_release_namespace }}"
guilhermesteinmuller6f6bf702023-01-24 19:00:19 +0000[diff] [blame]26 definition:
27 spec:
28 suspend: true
29
30 - name: Remove the existing HelmRelease
Mohammed Naserf0314a82023-04-11 18:53:30 +0000[diff] [blame]31 failed_when: false
guilhermesteinmuller6f6bf702023-01-24 19:00:19 +0000[diff] [blame]32 kubernetes.core.k8s:
33 state: absent
34 api_version: helm.toolkit.fluxcd.io/v2beta1
35 kind: HelmRelease
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]36 name: "{{ neutron_helm_release_name }}"
37 namespace: "{{ neutron_helm_release_namespace }}"
Mohammed Naserb7b97d62022-03-12 16:30:00 -0500[diff] [blame]38
Mohammed Naser54ee9922023-07-22 18:40:25 +0000[diff] [blame]39- name: Generate Helm values
40 ansible.builtin.set_fact:
41 _neutron_helm_values: "{{ __neutron_helm_values }}"
42
43- name: Add OVN configuration
44 when: neutron_ovn_enabled | bool
Mohammed Naserad8989f2023-07-22 22:29:32 +0000[diff] [blame]45 block:
46 - name: Retrieve OVN Northbound service IP
47 kubernetes.core.k8s_info:
48 api_version: v1
49 kind: Service
50 name: ovn-ovsdb-nb
51 namespace: "{{ neutron_helm_release_namespace }}"
52 register: neutron_ovn_nb_svc
53 failed_when: neutron_ovn_nb_svc.resources | length == 0
54
55 - name: Retrieve OVN Southbound service IP
56 kubernetes.core.k8s_info:
57 api_version: v1
58 kind: Service
59 name: ovn-ovsdb-sb
60 namespace: "{{ neutron_helm_release_namespace }}"
61 register: neutron_ovn_sb_svc
62 failed_when: neutron_ovn_sb_svc.resources | length == 0
63
64 - name: Append Helm values
65 ansible.builtin.set_fact:
66 _neutron_helm_values: "{{ _neutron_helm_values | combine(__neutron_ovn_helm_values, recursive=True) }}"
Mohammed Naser54ee9922023-07-22 18:40:25 +0000[diff] [blame]67
Mohammed Naserb7b97d62022-03-12 16:30:00 -0500[diff] [blame]68- name: Deploy Helm chart
guilhermesteinmuller6f6bf702023-01-24 19:00:19 +0000[diff] [blame]69 run_once: true
70 kubernetes.core.helm:
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]71 name: "{{ neutron_helm_release_name }}"
72 chart_ref: "{{ neutron_helm_chart_ref }}"
73 release_namespace: "{{ neutron_helm_release_namespace }}"
guilhermesteinmuller6f6bf702023-01-24 19:00:19 +0000[diff] [blame]74 create_namespace: true
75 kubeconfig: /etc/kubernetes/admin.conf
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]76 values: "{{ _neutron_helm_values | combine(neutron_helm_values, recursive=True) }}"
Mohammed Naserb7b97d62022-03-12 16:30:00 -0500[diff] [blame]77
78- name: Create Ingress
79 ansible.builtin.include_role:
80 name: openstack_helm_ingress
81 vars:
82 openstack_helm_ingress_endpoint: network
83 openstack_helm_ingress_service_name: neutron-server
84 openstack_helm_ingress_service_port: 9696
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]85 openstack_helm_ingress_annotations: "{{ neutron_ingress_annotations }}"
Mohammed Naserb7b97d62022-03-12 16:30:00 -0500[diff] [blame]86
Mohammed Naserb7b97d62022-03-12 16:30:00 -0500[diff] [blame]87- name: Create networks
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]88 when: neutron_networks | length > 0
Mohammed Naserc8e1a452022-08-11 16:16:13 -0400[diff] [blame]89 block:
90 - name: Wait until network service ready
91 kubernetes.core.k8s_info:
92 api_version: apps/v1
93 kind: Deployment
94 name: neutron-server
95 namespace: openstack
96 wait_sleep: 10
97 wait_timeout: 600
98 wait: true
99 wait_condition:
100 type: Available
101 status: true
Mohammed Naserb7b97d62022-03-12 16:30:00 -0500[diff] [blame]102
Mohammed Naserc8e1a452022-08-11 16:16:13 -0400[diff] [blame]103 - name: Create networks
104 openstack.cloud.network:
105 cloud: atmosphere
106 # Network settings
107 name: "{{ item.name }}"
108 external: "{{ item.external | default(omit) }}"
109 shared: "{{ item.shared | default(omit) }}"
110 mtu_size: "{{ item.mtu_size | default(omit) }}"
111 port_security_enabled: "{{ item.port_security_enabled | default(omit) }}"
112 provider_network_type: "{{ item.provider_network_type | default(omit) }}"
113 provider_physical_network: "{{ item.provider_physical_network | default(omit) }}"
114 provider_segmentation_id: "{{ item.provider_segmentation_id | default(omit) }}"
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]115 loop: "{{ neutron_networks }}"
Mohammed Naser52c3a702023-02-02 02:03:34 +0000[diff] [blame]116 # NOTE(mnaser): This often fails since the SSL certificates are not
117 # ready yet. We need to wait for them to be ready.
118 retries: 60
119 delay: 5
120 register: _result
121 until: _result is not failed
Mohammed Naserc8e1a452022-08-11 16:16:13 -0400[diff] [blame]122
123 - name: Create subnets
124 openstack.cloud.subnet:
125 cloud: atmosphere
126 # Subnet settings
127 network_name: "{{ item.0.name }}"
128 name: "{{ item.1.name }}"
129 ip_version: "{{ item.1.ip_version | default(omit) }}"
130 cidr: "{{ item.1.cidr | default(omit) }}"
131 gateway_ip: "{{ item.1.gateway_ip | default(omit) }}"
132 no_gateway_ip: "{{ item.1.no_gateway_ip | default(omit) }}"
133 allocation_pool_start: "{{ item.1.allocation_pool_start | default(omit) }}"
134 allocation_pool_end: "{{ item.1.allocation_pool_end | default(omit) }}"
135 dns_nameservers: "{{ item.1.dns_nameservers | default(omit) }}"
136 enable_dhcp: "{{ item.1.enable_dhcp | default(omit) }}"
137 host_routes: "{{ item.1.host_routes | default(omit) }}"
138 ipv6_address_mode: "{{ item.1.ipv6_address_mode | default(omit) }}"
139 ipv6_ra_mode: "{{ item.1.ipv6_ra_mode | default(omit) }}"
140 with_subelements:
Mohammed Naser2145fc32023-01-29 23:23:03 +0000[diff] [blame]141 - "{{ neutron_networks }}"
Mohammed Naserc8e1a452022-08-11 16:16:13 -0400[diff] [blame]142 - subnets
Mohammed Naser52c3a702023-02-02 02:03:34 +0000[diff] [blame]143 # NOTE(mnaser): This often fails since the SSL certificates are not
144 # ready yet. We need to wait for them to be ready.
145 retries: 60
146 delay: 5
147 register: _result
148 until: _result is not failed