forked from openshift/installer
-
Notifications
You must be signed in to change notification settings - Fork 0
/
update-network-resources.yaml
60 lines (48 loc) · 2.2 KB
/
update-network-resources.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# Required Python packages:
#
# ansible
# openstackclient
# openstacksdk
# netaddr
- ansible.builtin.import_playbook: common.yaml
- hosts: all
gather_facts: no
tasks:
- name: 'Set tags on the primary cluster network'
ansible.builtin.command:
cmd: "openstack network set --tag {{ primary_cluster_network_tag }} --tag {{ cluster_id_tag }} {{ os_network }}"
- name: 'Set tags on primary cluster subnet IPv4'
ansible.builtin.command:
cmd: "openstack subnet set --tag {{ cluster_id_tag }} {{ os_subnet }}"
- name: 'Set tags on primary cluster subnet IPv6'
ansible.builtin.command:
cmd: "openstack subnet set --tag {{ cluster_id_tag }} {{ os_subnet6 }}"
when: os_subnet6 is defined
- name: 'Set tags on the API VIP port'
ansible.builtin.command:
cmd: "openstack port set --tag {{ cluster_id_tag }} {{ os_port_api }}"
- name: 'Set tags on the Ingress VIP port'
ansible.builtin.command:
cmd: "openstack port set --tag {{ cluster_id_tag }} {{ os_port_ingress }}"
- name: 'Set external router tag'
ansible.builtin.command:
cmd: "openstack router set --tag {{ cluster_id_tag }} {{ os_router }}"
when: os_external_network is defined and os_external_network|length>0
# NOTE: openstack ansible module doesn't allow attaching Floating IPs to
# ports, let's use the CLI instead
- name: 'Attach the API floating IP to API port'
ansible.builtin.command:
cmd: "openstack floating ip set --port {{ os_port_api }} {{ os_api_fip }}"
when: os_api_fip is defined and os_api_fip|length>0
# NOTE: openstack ansible module doesn't allow attaching Floating IPs to
# ports, let's use the CLI instead
- name: 'Attach the Ingress floating IP to Ingress port'
ansible.builtin.command:
cmd: "openstack floating ip set --port {{ os_port_ingress }} {{ os_ingress_fip }}"
when: os_ingress_fip is defined and os_ingress_fip|length>0
- name: 'Set security group to api port'
ansible.builtin.command:
cmd: "openstack port set --security-group {{ os_sg_master }} {{ os_port_api }}"
- name: 'Set security group to ingress port'
ansible.builtin.command:
cmd: "openstack port set --security-group {{ os_sg_worker }} {{ os_port_ingress }}"