1. \u00a0Get Credentials<\/h2>\n
On COPC, you can navigate to your project and download the OpenStack RC File. \u00a0This is done from the ACCESS & SECURITY tab and then clicking on the API Access tab on the right.<\/p>\n
Now, we’re ready to role.<\/p>\n I covered Ansible in previous<\/a> posts. \u00a0So I’m going to assume you already have it. \u00a0Let’s create a few directories and files. \u00a0I put all my stuff in the ~\/Code directory and then under the projects directory. \u00a0I then make sure everything in this directory belongs to some sort of git repo. \u00a0Some of those are on github (like this one) and others are in a private gitlab, or a private github repository.<\/p>\n This file will have our info for where our inventory is.<\/p>\n This will be global settings for our environment. \u00a0We tell it not to use cowsay<\/a>, but you can if you want. \u00a0Its kind of cute. \u00a0You may not have it installed. \u00a0We also tell it to use the contents of the inventory directory (which we’re going to create) to go to our hosts.<\/p>\n host_key_checking tells it that when we access a new server, not to worry if we’ve never seen the host before and attach to it anyway. \u00a0Finally, our remote user is core as this is the default user for the coreos instance that I’m using.<\/p>\n We create a directory called inventory and add the file hosts. \u00a0We then add our one machine (our localhost!) \u00a0The contents looks like this:<\/p>\n You’ll notice here I also added which python I wanted to use, just in case I had other versions on the system. \u00a0This might be good too if you were using virtual environments.<\/p>\n This is where we put the specifics of what we want deployed. \u00a0In our case we need to define the following:<\/p>\n The security group ‘default’ in my project, as seen from the dashboard actually includes port 22. \u00a0This is important so that I can ssh into it after its provisioned and do more things.<\/p>\n I imported my coreos image from the CoreOS OpenStack image website<\/a>. \u00a0After importing it in from the dashboard, I clicked on the image to see the image ID:<\/p>\n Finally, the keypair is one I generated beforehand and downloaded into my server so I can log into it afterwards.<\/p>\n This file is our playbook. \u00a0It will provision a server. \u00a0Let’s look at the contents:<\/p>\n The great thing about this script is that none of the secrets are put into it. \u00a0Using the environment variables that we did by sourcing the ~\/.project-openrc.sh file we are able to run the code perfectly.<\/p>\n Everything here is pretty self explanatory in that we are just passing in variables to the nova_compute task to bring up a new instance. \u00a0The name will be demo-server and everything else we’ve defined. \u00a0If the instance is already up, Ansible won’t go and try to provision a new one. \u00a0Its looking for demo-server, if he’s there, he won’t touch him.<\/p>\n We’re now watch the output on the dashboard and you can see it will spawn up.<\/p>\n![\"COPC-Access&Security\"](\"http:\/\/benincosa.com\/wp-content\/uploads\/2015\/05\/COPC-AccessSecurity.png\")
<\/a>Once you download this file, you put it in your ~\/ directory. \u00a0I use a Mac so I just added the contents to my ~\/.bash_profile.sh file. It looks like this:<\/p>\nexport OS_AUTH_URL=http:\/\/metacloud.url.at.your.site.com:5000\/v2.0\r\nexport OS_TENANT_ID=12345123412341234123412341234\r\nexport OS_TENANT_NAME=\"TCO Application\"\r\nexport OS_USERNAME=vallard\r\nexport OS_PASSWORD=supersecret<\/pre>\n
2. Ansible Setup<\/h2>\n
.\/ansible.cfg<\/h3>\n
[defaults]\r\nnocows = 1\r\nhostfile = .\/inventory\r\nhost_key_checking = false\r\nremote_user = core\r\n<\/pre>\n
.\/inventory\/hosts<\/h3>\n
[local]\r\nlocalhost ansible_python_interpreter=\/usr\/local\/bin\/python<\/pre>\n
.\/vars\/copc_vars.yml<\/h3>\n
---\r\nsecurity_group: default\r\ncoreos_image_id: 2f82af25-e4cf-4c65-a52f-c13ad0ea475a \r\nfloating_ip_pool: nova\r\nkeypair: tco-gold\r\n<\/pre>\n
![\"Screen](\"http:\/\/benincosa.com\/wp-content\/uploads\/2015\/05\/Screen-Shot-2015-05-01-at-2.50.42-PM.png\")
<\/a>\u00a0 \u00a0The floating IP pool is nova, I got that from looking at the dashboard as well.<\/p>\ncopc-one.yml<\/h3>\n
- name: launch one nova instance\r\n connection: local\r\n hosts: localhost\r\n vars_files:\r\n - vars\/copc_vars.yml\r\n\r\n tasks: \r\n \r\n - name: Ensure New server is up. \r\n nova_compute:\r\n state: present\r\n auth_url: \"{{ lookup('env', 'OS_AUTH_URL') }}\"\r\n login_username: \"{{ lookup('env', 'OS_USERNAME') }}\"\r\n login_password: \"{{ lookup('env', 'OS_PASSWORD') }}\"\r\n login_tenant_name: \"{{ lookup('env', 'OS_TENANT_NAME') }}\"\r\n name: demo-server\r\n image_id: \"{{ coreos_image_id }}\"\r\n key_name: \"{{ keypair }}\"\r\n flavor_id: 5 \r\n security_groups: \"{{ security_group }}\"\r\n floating_ip_pools:\r\n - \"{{ floating_ip_pool }}\"<\/pre>\n3. Run the Playbook<\/h2>\n
ansible-playbook copc-one.yml<\/pre>\n
![\"Screen](\"http:\/\/benincosa.com\/wp-content\/uploads\/2015\/05\/Screen-Shot-2015-05-01-at-3.19.13-PM.png\")
<\/a><\/p>\n