CC-Ansible
CC-Ansible
The cc-ansible
script in the root of the repo is used to drive the deployment. With this tool you can upgrade parts of the system, reconfigure various services, update and edit encrypted passwords, and run Chameleon-specific Ansible playbooks to set up supporting infrastructure not provided by the Kolla-Ansible project (such as Chameleon's automated hammers toolkit).
Specifying the site configuration
Most commands require specifying a path to the site configuration, which contains your site-specific variables, overrides, and configuration. You can specify this in two ways, either with the --site
flag, or by setting the env variable CC_ANSIBLE_SITE
.
Applying playbooks
Playbooks are set up to target a host group with the same name. This means the grafana
playbook will target the grafana
host group etc. To run a playbook, you can use the ./cc-ansible
wrapper script, which just sets up two important parameters for you: the Ansible Vault configuration, and the inventory path.
Running Kolla-Ansible actions
Much of the deployment is ultimately controlled by Kolla-Ansible. To invoke, you can use the ./cc-ansible
tool much like you could use kolla-ansible
:
Post-deployment
There is a post-deploy
script you can run to finish things up. This will install compatible versions of all OpenStack clients for your deployment and set up some OpenStack entities needed to do bare metal provisioning.
Finally, consider adding the following to your .bashrc or similar:
Configuration secrets
Secrets like database and user passwords or sensitive API keys should be encrypted with Ansible Vault in a passwords.yml
file located in the site configuration. This is encrypted with a symmetrical cipher key (vault_password
). This key should never be stored in source control. You can edit or view the encrypted contents with the ./cc-ansible
tool:
Common tasks
Upgrade to a new version of an OpenStack image/config
A full upgrade of a given service (or set of services) is a pull
operation followed by an upgrade
. The pull
will pull the latest version of the Docker image for the service(s) and can be done ahead of time to save time in the maintenance window, if desired. The upgrade
task will perform any database migrations, update the runtime configuration, and redeploy the service at the new version.
Last updated