Basic system configuration

.ansible-lint

@@ -0,0 +1,2 @@
+---
+profile: safety

.ansible-lint-ignore

@@ -0,0 +1 @@
+devstack_setup.yml package-latest

.gitignore

@@ -1,3 +1,4 @@
 # ---> Ansible
 *.retry
+.*.vault
 

.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+    "ansible.python.interpreterPath": "/home/ptoal/.virtualenvs/ansible/bin/python"
+}

devstack_setup.yml

@@ -0,0 +1,89 @@
+---
+- name: Update packages on compute and control nodes
+  hosts: control, compute
+  become: true
+
+  tasks:
+    - name: Update all packages
+      ansible.builtin.package:
+        name: '*'
+        state: latest
+
+    - name: Packages installed
+      ansible.builtin.package:
+        name: "{{ install_packages }}"
+        state: present
+
+    - name: Create stack user for admin
+      ansible.builtin.user:
+        name: stack
+        shell: /bin/bash
+        home: /opt/stack
+        comment: Openstack Administration
+
+    - name: Give passwordless sudo access to stack user
+      community.general.sudoers:
+        name: stack
+        commands: ALL
+        runas: root
+        user: stack
+        state: present
+
+    - name: Install openstack admin ssh key
+      ansible.posix.authorized_key:
+        user: stack
+        key: "{{ lookup('file', '{{ item }}') }}"
+        state: present
+      with_fileglob:
+        - openstack_admin.pub
+
+
+- name: Prepare for openstack-ansible deployment
+  hosts: control
+  become: true
+
+  tasks:
+    - name: Disable and mask firewalld
+      ansible.builtin.systemd:
+        name: firewalld
+        enabled: false
+        masked: true
+        state: stopped
+
+    - name: Copy ssh key to .ssh directory
+      ansible.builtin.copy:
+        content: "{{ openssh_private_key }}"
+        dest: /opt/stack/.ssh/openstack_admin
+        owner: stack
+        group: stack
+        mode: '0600'
+
+    - name: Copy public key to .ssh directory
+      ansible.builtin.copy:
+        src: openstack_admin.pub
+        dest: /opt/stack/.ssh/id_rsa.pub
+        owner: stack
+        group: stack
+        mode: '0600'
+
+    - name: Clone openstack-ansible repo into /opt/openstack-ansible
+      ansible.builtin.git:
+        repo: https://opendev.org/openstack/openstack-ansible
+        dest: /opt/openstack-ansible
+        version: master
+        force: true
+
+    - name: Execute bootstrap script
+      ansible.builtin.command:
+        cmd: '/opt/openstack-ansible/scripts/bootstrap-ansible.sh'
+        creates: /usr/local/bin/openstack-ansible
+
+- name: Prepare compute hosts
+  hosts: compute
+  become: true
+
+  tasks:
+    - name: Reduce kernel log level
+      ansible.builtin.lineinfile:
+        path: /etc/sysctl.conf
+        line: kernel.printk='4 1 7 4'

files/openstack_admin.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK0fi+IhcbFCh0pYlkPgr/BoUBiB+jc3ryQpZ6t/eJEM ptoal@ptoal-linux

inventory/devstack.yml

@@ -0,0 +1,11 @@
+---
+all:
+  vars:
+    ansible_user: ptoal
+control:
+  hosts:
+    ospc.lab.toal.ca:
+
+compute:
+  hosts:
+    compute1.lab.toal.ca:

inventory/group_vars/compute.yaml

@@ -0,0 +1,8 @@
+---
+install_packages:
+  - iputils
+  - lsof
+  - openssh-server
+  - sudo
+  - tcpdump
+  - python3

inventory/group_vars/control.yaml

@@ -0,0 +1,34 @@
+install_packages:
+  - git
+  - python3-devel
+  - chrony
+  - openssh-server
+  - sudo
+  - '@Development tools'
+openssh_private_key: !vault |
+          $ANSIBLE_VAULT;1.2;AES256;toallab
+          39373963303939666134366165616337386636326430626461656362346561386437616435613634
+          6462383561663735626565623737336539626635303139340a633432366361646263643833653034
+          63316133613639333262303561643563303235323862363237363838373762643933316632303732
+          6633383761623339620a393639383732643134663035323366323739343732623163383130373338
+          66376363623063393564323662373466333363393161373663393563383232613137653039326265
+          38313038356639383733366530386536646236333130663363663733613063613938613037663534
+          37346236633934346337653665643132396332616239356131356365333265333266653665363765
+          30626534613063383766613766336662313834353563376237323234393439353836323033616636
+          35386633643236393539316331343663326237316230343834343432616366613663643239306535
+          61646538343336633932316637356463666432643534643136623635613664663565396638333535
+          33303062303066343865343764346432353264393338626163326538376264626136303562386631
+          31356137383562653966363334343030393635636338613735333838343233313461636230313661
+          34643430366666623165323730643335353763646165353035353564346239373731373966373431
+          36323564313032613335303765646166366561326536353033653163626365356636626664363736
+          38313862336235303435383135343434653635346666316136323237613366663538306239333263
+          33323432326532623434646666396636316265653130316439336366636334366161363065663038
+          35623536366661396134386164336235633066633531363363616638393666616635383036643636
+          37326435393737313630653535386464343431356563386334643232336262373537333263386363
+          37383664333666616364363361323336633538643432663037353735633632623762343034343335
+          61613464316537633065343838346164333664343462626463633162613363343266643937663464
+          65366434353437303234633830636566343730303966366433663831336564643932646139333434
+          61333337613131396263646466623739303634323361663630333832353534353435373130616534
+          34346638353631343730653736316262393438633863346334616465336562653132373930393132
+          33653430323061653265373235633435643065643834643532643962386334366332633165613737
+          6336