OpenStack-Ansible Qdrouterd

This Ansible role deploys Qdrouterd. When multiple hosts are present in the qdrouterd_all inventory group, a router mesh is created.

Table of Contents

To clone or view the source code for this repository, visit the role repository for qdrouterd.

Default variables

# defaults file for ansible-qdrouterd

# Package install state, options are 'present' and 'latest'
qdrouterd_package_state: "latest"

# Inventory group containg the hosts for the mesh
qdrouterd_host_group: "qdrouterd_all"

# Qdrouterd Service config
qdrouterd_service_name: "{{ _qdrouterd_service_name }}"
qdrouterd_etc_conf_path: "{{ _qdrouterd_etc_conf_path }}"
qdrouterd_etc_conf_file: "{{ _qdrouterd_etc_conf_file }}"
qdrouterd_log_file:  "/var/log/qdrouterd/qdrouterd.log"

# Qdrouterd router config
qdrouterd_host_count: "{{ groups['qdrouterd_all'] | length}}"
qdrouterd_mode: "{% if qdrouterd_host_count == '1' %}standalone{% else %}interior{% endif %}"
qdrouterd_listener_addr: 0.0.0.0
qdrouterd_listener_port_ssl: 31459
qdrouterd_listener_port_plain: 31460
qdrouterd_listener_auth_peer: "no"
qdrouterd_listener_sasl_mech: "ANONYMOUS PLAIN"
qdrouterd_irl_addr: 0.0.0.0
qdrouterd_irl_port_ssl: 31461
qdrouterd_irl_port_plain: 31462
qdrouterd_irl_auth_peer: "no"
qdrouterd_irl_sasl_mech: "ANONYMOUS PLAIN"
qdrouterd_worker_threads: 4
qdrouterd_sasl_conf_path: "/etc/sasl2"
qdrouterd_sasl_conf_file: "/etc/sasl2/qdrouterd.conf"
qdrouterd_log_module: "DEFAULT"
qdrouterd_log_enable: "trace+"

# Qdrouterd SSL support
qdrouterd_ssl_cert: "{{ qdrouterd_etc_conf_path }}/ssl/qdrouterd.pem"
qdrouterd_ssl_key: "{{ qdrouterd_etc_conf_path }}/ssl/qdrouterd.key"
#qdrouterd_ssl_ca_cert: "{{ qdrouterd_etc_conf_path }}/ssl/qdrouterd-ca.pem"

# Set qdrouterd_ssl_sefl_signed_regen to true if you want to generate a new
# SSL certificate for Qdrouterd when this playbook runs. You can also change
# the subject of the self-signed certificate here if you prefer.
qdrouterd_ssl_self_signed_regen: false
qdrouterd_ssl_self_signed_subject: "/C=US/ST=Massachusetts/L=Boston/O=IT/CN={{ ansible_hostname }}"

# Define user-provided SSL certificates in:
# /etc/openstack_deploy/user_variables.yml
#qdrouterd_user_ssl_cert: <path to cert on ansible deployment host>
#qdrouterd_user_ssl_key: <path to cert on ansible deployment host>
#qdrouterd_user_ssl_ca_cert: <path to cert on ansible deployment host>

Dependencies

This role needs pip >= 7.1 installed on the target host.

Example playbook