From adc37970ab1e8609f4d75f38fa03a1b3bdba68f1 Mon Sep 17 00:00:00 2001 From: Ricardo Carrillo Cruz Date: Tue, 21 Jun 2016 18:54:38 +0000 Subject: [PATCH] Add ability to generate keypair on-the-fly This change adds a flag 'generate_keypair' that makes the role to generate an ssh keypair, create an OpenStack keypair with it and all the servers of the play will have that key baked in. The folder, key type and key length are also configurable. Change-Id: Iccbec24e9834c1fa03da8add94e069f622024537 --- defaults/main.yml | 4 + tasks/create_clouds_resources.yml | 74 +------------ tasks/create_servers.yml | 168 ++++++++++++++++++++++++++++++ tests/test.yaml | 18 ++-- tox.ini | 2 +- 5 files changed, 186 insertions(+), 80 deletions(-) create mode 100644 tasks/create_servers.yml diff --git a/defaults/main.yml b/defaults/main.yml index 9fb0337..85205d3 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,3 +1,7 @@ --- os_client_config_cloud: envvars os_validate_certs: no +generate_keypair: no +generate_keypair_folder: /tmp +generate_keypair_key_type: rsa +generate_keypair_key_bits: 2048 diff --git a/tasks/create_clouds_resources.yml b/tasks/create_clouds_resources.yml index 7742c23..533ac02 100644 --- a/tasks/create_clouds_resources.yml +++ b/tasks/create_clouds_resources.yml 
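Review bot: `generate_keypair_folder: /tmp` makes a shared, world-writable directory the default location of the generated private key, and tasks/create_servers.yml names the file `launch-<epoch seconds>`, which is predictable and is never removed afterwards. ssh-keygen writes the private key owner-only, but a file or symlink already sitting at that path in /tmp is outside the role's control. A per-user default such as `generate_keypair_folder: "{{ lookup('env', 'HOME') }}/.ssh"` would be safer, with a comment that the private key stays on the control host. Separately, `generate_keypair_key_bits: 2048` is an RSA size; a comment noting that other `generate_keypair_key_type` values may need a different bit count would help users who change only the type.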
@@ -361,76 +361,4 @@ tags: - volumes -- name: Create per-cloud servers for {{ item_cloud.name }} - os_server: - cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}" - state: "{{ item.state|default(omit) }}" - name: "{{ item.name }}" - image: "{{ item.image }}" - auto_ip: "{{ item.auto_ip|default(omit) }}" - boot_from_volume: "{{ item.boot_from_volume|default(omit) }}" - boot_volume: "{{ item.boot_volume|default(omit) }}" - config_drive: "{{ item.config_drive|default(omit) }}" - flavor: "{{ item.flavor|default(omit) }}" - flavor_include: "{{ item.flavor_include|default(omit) }}" - flavor_ram: "{{ item.flavor_ram|default(omit) }}" - floating_ip_pools: "{{ item.floating_ip_pools|default(omit) }}" - floating_ips: "{{ item.floating_ips|default(omit) }}" - image_exclude: "{{ item.image_exclude|default(omit) }}" - key: "{{ item.key|default(omit) }}" - key_name: "{{ item.key_name|default(omit) }}" - meta: "{{ item.meta|default(omit) }}" - network: "{{ item.network|default(omit) }}" - nics: "{{ item.nics|default(omit) }}" - scheduler_hints: "{{ item.scheduler_hints|default(omit) }}" - security_groups: "{{ item.security_groups|default(omit) }}" - terminate_volume: "{{ item.terminate_volume|default(omit) }}" - userdata: "{{ item.userdata|default(omit) }}" - volume_size: "{{ item.volume_size|default(omit) }}" - volumes: "{{ item.volumes|default(omit) }}" - with_items: "{{ item_cloud.servers|default([]) }}" - tags: - - servers - register: os_server_result - -- add_host: name={{ item.server.name }} groups=cl_servers_just_created ansible_ssh_host={{ item.server.public_v4 }} - with_items: "{{ os_server_result.results }}" - -- name: Create profiles servers for {{ item_cloud.name }} - os_server: - cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}" - state: "{{ item.1.state|default(omit) }}" - name: "{{ item.1.name }}" - image: "{{ item.1.image }}" - auto_ip: "{{ item.1.auto_ip|default(omit) }}" - boot_from_volume: "{{ item.1.boot_from_volume|default(omit) }}" - 
boot_volume: "{{ item.1.boot_volume|default(omit) }}" - config_drive: "{{ item.1.config_drive|default(omit) }}" - flavor: "{{ item.1.flavor|default(omit) }}" - flavor_include: "{{ item.1.flavor_include|default(omit) }}" - flavor_ram: "{{ item.1.flavor_ram|default(omit) }}" - floating_ip_pools: "{{ item.1.floating_ip_pools|default(omit) }}" - floating_ips: "{{ item.1.floating_ips|default(omit) }}" - image_exclude: "{{ item.1.image_exclude|default(omit) }}" - key: "{{ item.1.key|default(omit) }}" - key_name: "{{ item.1.key_name|default(omit) }}" - meta: "{{ item.1.meta|default(omit) }}" - network: "{{ item.1.network|default(omit) }}" - nics: "{{ item.1.nics|default(omit) }}" - scheduler_hints: "{{ item.1.scheduler_hints|default(omit) }}" - security_groups: "{{ item.1.security_groups|default(omit) }}" - terminate_volume: "{{ item.1.terminate_volume|default(omit) }}" - userdata: "{{ item.1.userdata|default(omit) }}" - volume_size: "{{ item.1.volume_size|default(omit) }}" - volumes: "{{ item.1.volumes|default(omit) }}" - with_subelements: - - "{{ profiles|default([]) }}" - - servers - - { skip_missing: yes } - when: "{{ item_cloud.profiles is defined and item.0.name in item_cloud.profiles }}" - tags: - - servers - register: os_server_result - -- add_host: name={{ item.server.name }} groups=cl_servers_just_created ansible_ssh_host={{ item.server.public_v4 }} - with_items: "{{ os_server_result.results }}" +- include: create_servers.yml diff --git a/tasks/create_servers.yml b/tasks/create_servers.yml new file mode 100644 index 0000000..d79b601 --- /dev/null +++ b/tasks/create_servers.yml 
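Review bot: The added `- include: create_servers.yml` carries no tags, and in the new file only the `os_server` tasks keep `tags: servers`; the keygen, `set_fact` and `os_keypair` tasks are untagged. A run limited with `--tags servers` and `generate_keypair` enabled would therefore skip key generation and then fail when templating `key_name: "{{ cl_generated_keypair_name }}"`. Putting `tags: servers` on the two blocks in create_servers.yml (or on this include) keeps the keypair tasks and the server tasks selected together.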
@@ -0,0 +1,168 @@
+---
+- block:
+ - name: Generate keypair name
+ set_fact: cl_generated_keypair_name=launch-{{ lookup('pipe', "date +'%s'") }}
+ - name: Generate SSH keys
+ shell: ssh-keygen -t "{{ generate_keypair_key_type }}" -b "{{ generate_keypair_key_bits }}" -N '' -f "{{ generate_keypair_folder }}"/"{{ cl_generated_keypair_name }}"
+ - name: Store public key filename path
+ set_fact: cl_generated_keypair_public_key_filename={{ generate_keypair_folder}}/{{ cl_generated_keypair_name }}.pub
+ - name: Store private key filename path
+ set_fact: cl_generated_keypair_private_key_filename={{ generate_keypair_folder}}/{{ cl_generated_keypair_name }}
+
+ - name: Create OpenStack keypair {{ cl_generated_keypair_name }}
+ os_keypair:
+ cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}"
+ state: present
+ name: "{{ cl_generated_keypair_name }}"
+ public_key_file: "{{ cl_generated_keypair_public_key_filename }}"
+
+ - name: Create per-cloud servers for {{ item_cloud.name }}
+ os_server:
+ cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}"
+ state: "{{ item.state|default(omit) }}"
+ name: "{{ item.name }}"
+ image: "{{ item.image }}"
+ auto_ip: "{{ item.auto_ip|default(omit) }}"
+ boot_from_volume: "{{ item.boot_from_volume|default(omit) }}"
+ boot_volume: "{{ item.boot_volume|default(omit) }}"
+ config_drive: "{{ item.config_drive|default(omit) }}"
+ flavor: "{{ item.flavor|default(omit) }}"
+ flavor_include: "{{ item.flavor_include|default(omit) }}"
+ flavor_ram: "{{ item.flavor_ram|default(omit) }}"
+ floating_ip_pools: "{{ item.floating_ip_pools|default(omit) }}"
+ floating_ips: "{{ item.floating_ips|default(omit) }}"
+ image_exclude: "{{ item.image_exclude|default(omit) }}"
+ key: "{{ item.key|default(omit) }}"
+ key_name: "{{ cl_generated_keypair_name }}"
+ meta: "{{ item.meta|default(omit) }}"
+ network: "{{ item.network|default(omit) }}"
+ nics: "{{ item.nics|default(omit) }}"
+ scheduler_hints: "{{ item.scheduler_hints|default(omit) }}"
+ security_groups: "{{ item.security_groups|default(omit) }}"
+ terminate_volume: "{{ item.terminate_volume|default(omit) }}"
+ userdata: "{{ item.userdata|default(omit) }}"
+ volume_size: "{{ item.volume_size|default(omit) }}"
+ volumes: "{{ item.volumes|default(omit) }}"
+ with_items: "{{ item_cloud.servers|default([]) }}"
+ tags:
+ - servers
+ register: os_server_result
+
+ - add_host: name={{ item.server.name }} groups=cl_servers_just_created ansible_ssh_host={{ item.server.public_v4 }}
+ with_items: "{{ os_server_result.results }}"
+
+ - name: Create profiles servers for {{ item_cloud.name }}
+ os_server:
+ cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}"
+ state: "{{ item.1.state|default(omit) }}"
+ name: "{{ item.1.name }}"
+ image: "{{ item.1.image }}"
+ auto_ip: "{{ item.1.auto_ip|default(omit) }}"
+ boot_from_volume: "{{ item.1.boot_from_volume|default(omit) }}"
+ boot_volume: "{{ item.1.boot_volume|default(omit) }}"
+ config_drive: "{{ item.1.config_drive|default(omit) }}"
+ flavor: "{{ item.1.flavor|default(omit) }}"
+ flavor_include: "{{ item.1.flavor_include|default(omit) }}"
+ flavor_ram: "{{ item.1.flavor_ram|default(omit) }}"
+ floating_ip_pools: "{{ item.1.floating_ip_pools|default(omit) }}"
+ floating_ips: "{{ item.1.floating_ips|default(omit) }}"
+ image_exclude: "{{ item.1.image_exclude|default(omit) }}"
+ key: "{{ item.1.key|default(omit) }}"
+ key_name: "{{ cl_generated_keypair_name }}"
+ meta: "{{ item.1.meta|default(omit) }}"
+ network: "{{ item.1.network|default(omit) }}"
+ nics: "{{ item.1.nics|default(omit) }}"
+ scheduler_hints: "{{ item.1.scheduler_hints|default(omit) }}"
+ security_groups: "{{ item.1.security_groups|default(omit) }}"
+ terminate_volume: "{{ item.1.terminate_volume|default(omit) }}"
+ userdata: "{{ item.1.userdata|default(omit) }}"
+ volume_size: "{{ item.1.volume_size|default(omit) }}"
+ volumes: "{{ item.1.volumes|default(omit) }}"
+ with_subelements:
+ - "{{ profiles|default([]) }}"
+ - servers
+ - { skip_missing: yes }
+ when: "{{ item_cloud.profiles is defined and item.0.name in item_cloud.profiles }}"
+ tags:
+ - servers
+ register: os_server_result
+
+ - add_host: name={{ item.server.name }} groups=cl_servers_just_created ansible_ssh_host={{ item.server.public_v4 }}
+ with_items: "{{ os_server_result.results }}"
+ when: generate_keypair|bool
+
+- block:
+ - name: Create per-cloud servers for {{ item_cloud.name }}
+ os_server:
+ cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}"
+ state: "{{ item.state|default(omit) }}"
+ name: "{{ item.name }}"
+ image: "{{ item.image }}"
+ auto_ip: "{{ item.auto_ip|default(omit) }}"
+ boot_from_volume: "{{ item.boot_from_volume|default(omit) }}"
+ boot_volume: "{{ item.boot_volume|default(omit) }}"
+ config_drive: "{{ item.config_drive|default(omit) }}"
+ flavor: "{{ item.flavor|default(omit) }}"
+ flavor_include: "{{ item.flavor_include|default(omit) }}"
+ flavor_ram: "{{ item.flavor_ram|default(omit) }}"
+ floating_ip_pools: "{{ item.floating_ip_pools|default(omit) }}"
+ floating_ips: "{{ item.floating_ips|default(omit) }}"
+ image_exclude: "{{ item.image_exclude|default(omit) }}"
+ key: "{{ item.key|default(omit) }}"
+ key_name: "{{ item.key_name|default(omit) }}"
+ meta: "{{ item.meta|default(omit) }}"
+ network: "{{ item.network|default(omit) }}"
+ nics: "{{ item.nics|default(omit) }}"
+ scheduler_hints: "{{ item.scheduler_hints|default(omit) }}"
+ security_groups: "{{ item.security_groups|default(omit) }}"
+ terminate_volume: "{{ item.terminate_volume|default(omit) }}"
+ userdata: "{{ item.userdata|default(omit) }}"
+ volume_size: "{{ item.volume_size|default(omit) }}"
+ volumes: "{{ item.volumes|default(omit) }}"
+ with_items: "{{ item_cloud.servers|default([]) }}"
+ tags:
+ - servers
+ register: os_server_result
+
+ - add_host: name={{ item.server.name }} groups=cl_servers_just_created ansible_ssh_host={{ item.server.public_v4 }}
+ with_items: "{{ os_server_result.results }}"
+
+ - name: Create profiles servers for {{ item_cloud.name }}
+ os_server:
+ cloud: "{{ item_cloud.oscc_cloud|default(item_cloud.name) }}"
+ state: "{{ item.1.state|default(omit) }}"
+ name: "{{ item.1.name }}"
+ image: "{{ item.1.image }}"
+ auto_ip: "{{ item.1.auto_ip|default(omit) }}"
+ boot_from_volume: "{{ item.1.boot_from_volume|default(omit) }}"
+ boot_volume: "{{ item.1.boot_volume|default(omit) }}"
+ config_drive: "{{ item.1.config_drive|default(omit) }}"
+ flavor: "{{ item.1.flavor|default(omit) }}"
+ flavor_include: "{{ item.1.flavor_include|default(omit) }}"
+ flavor_ram: "{{ item.1.flavor_ram|default(omit) }}"
+ floating_ip_pools: "{{ item.1.floating_ip_pools|default(omit) }}"
+ floating_ips: "{{ item.1.floating_ips|default(omit) }}"
+ image_exclude: "{{ item.1.image_exclude|default(omit) }}"
+ key: "{{ item.1.key|default(omit) }}"
+ key_name: "{{ item.1.key_name|default(omit) }}"
+ meta: "{{ item.1.meta|default(omit) }}"
+ network: "{{ item.1.network|default(omit) }}"
+ nics: "{{ item.1.nics|default(omit) }}"
+ scheduler_hints: "{{ item.1.scheduler_hints|default(omit) }}"
+ security_groups: "{{ item.1.security_groups|default(omit) }}"
+ terminate_volume: "{{ item.1.terminate_volume|default(omit) }}"
+ userdata: "{{ item.1.userdata|default(omit) }}"
+ volume_size: "{{ item.1.volume_size|default(omit) }}"
+ volumes: "{{ item.1.volumes|default(omit) }}"
+ with_subelements:
+ - "{{ profiles|default([]) }}"
+ - servers
+ - { skip_missing: yes }
+ when: "{{ item_cloud.profiles is defined and item.0.name in item_cloud.profiles }}"
+ tags:
+ - servers
+ register: os_server_result
+
+ - add_host: name={{ item.server.name }} groups=cl_servers_just_created ansible_ssh_host={{ item.server.public_v4 }}
+ with_items: "{{ os_server_result.results }}"
+ when: not generate_keypair|bool
diff --git a/tests/test.yaml b/tests/test.yaml
index edc0f75..b6c1be6 100644
--- a/tests/test.yaml
+++ b/tests/test.yaml
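Review bot: The `Generate SSH keys` task passes four templated values to ssh-keygen through `shell:`, so `$` and backticks in `generate_keypair_folder`, the key type or the bit count are still expanded by the shell even inside the double quotes. This commit already moves tests/test.yaml from `shell:` to `command:`; the same applies here, e.g. `command: ssh-keygen -t {{ generate_keypair_key_type }} -b {{ generate_keypair_key_bits }} -N '' -f "{{ generate_keypair_folder }}/{{ cl_generated_keypair_name }}"`, ideally with a `creates` argument pointing at the private key path so a rerun does not stop at the overwrite prompt. The two blocks also differ only in `key_name`, so one set of tasks that falls back from `cl_generated_keypair_name` to the item's own `key_name` would avoid keeping roughly seventy duplicated lines in sync.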
@@ -22,43 +22,49 @@ post_tasks: - name: Querying for test_domain domain - shell: openstack --os-cloud devstack-admin domain show test_domain + command: openstack --os-cloud devstack-admin domain show test_domain register: result + changed_when: False - name: Assert test_domain domain has been created assert: { that: result.rc == 0 } - name: Querying for test_project project - shell: openstack --os-cloud devstack-admin project show test_project --domain test_domain + command: openstack --os-cloud devstack-admin project show test_project --domain test_domain register: result + changed_when: False - name: Assert test_project project has been created assert: { that: result.rc == 0 } - name: Querying for test_user user - shell: openstack --os-cloud devstack-admin user show test_user --domain test_domain + command: openstack --os-cloud devstack-admin user show test_user --domain test_domain register: result + changed_when: False - name: Assert test_user user has been created assert: { that: result.rc == 0 } - name: Querying for test_server_a server - shell: openstack --os-cloud devstack-admin server show test_server_a + command: openstack --os-cloud devstack-admin server show test_server_a register: result + changed_when: False - name: Assert test-server-a server has been created assert: { that: result.rc == 0 } - name: Querying for test_server_b server - shell: openstack --os-cloud devstack server show test_server_b + command: openstack --os-cloud devstack server show test_server_b register: result + changed_when: False - name: Assert test_server_a server has been created assert: { that: result.rc == 0 } - name: Querying for test_network network - shell: openstack --os-cloud devstack network show test_network + command: openstack --os-cloud devstack network show test_network register: result + changed_when: False - name: Assert test-network network has been created assert: { that: result.rc == 0 } diff --git a/tox.ini b/tox.ini index 58b83e9..040b5ba 100644 
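Review bot: Nothing in this hunk exercises the new `generate_keypair` path: the post_tasks still only confirm that the domain, project, user, servers and network exist, and the diffstat shows no other change to tests/test.yaml. A test run with `generate_keypair: yes`, followed by a task that asserts the launched server reports the generated `launch-…` key name, would cover the code added in tasks/create_servers.yml. On the style side, `changed_when: False` reads more consistently as lowercase `false`.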
--- a/tox.ini +++ b/tox.ini @@ -38,7 +38,7 @@ commands = # PEP8 Lint Check flake8 # Ansible Lint Check - bash -c "find . -type f -regex '.*.y[a]?ml' -print0 | xargs -t -n1 -0 \ + bash -c "find . -type f -regex '.*.y[a]?ml' ! -path './.tox/*' -print0 | xargs -t -n1 -0 \ ansible-lint" # Ansible Syntax Check bash -c "find tests -type f -regex '.*.y[a]?ml' ! -name 'resources.yml' \