diff --git a/docs/vagrant.md b/docs/vagrant.md
new file mode 100644
index 0000000000..c4e8ac80f4
--- /dev/null
+++ b/docs/vagrant.md
@@ -0,0 +1,81 @@
+Vagrant up!
+============================
+
+This guide describes how to use [Vagrant][] to assist in developing for Kolla.
+
+Vagrant is a tool to assist in scripted creation of virtual machines, it will
+take care of setting up a CentOS-based cluster of virtual machines, each with
+proper hardware like memory amount and number of network interfaces.
+
+[Vagrant]: http://vagrantup.com
+
+
+Getting Started
+---------------
+
+The vagrant setup will build a cluster with the following nodes:
+
+- 3 support nodes
+- 1 compute node
+- 1 operator node
+
+Kolla runs from the operator node to deploy OpenStack on the other nodes.
+
+All nodes are connected with each other on the secondary nic, the primary nic
+is behind a NAT interface for connecting with the internet. A third nic is
+connected without IP configuration to a public bridge interface. This may be
+used for Neutron/Nova to connect to instances.
+
+Start with downloading and installing the Vagrant package for your distro of
+choice. Various downloads can be found [here][]. After we will install the
+hostmanager plugin so all hosts are recorded in /etc/hosts (inside each vm):
+
+ vagrant plugin install vagrant-hostmanager
+
+Vagrant supports a wide range of virtualization technologies, of which we will
+use VirtualBox for now.
+
+Find some place in your homedir and checkout the Kolla repo
+
+ git clone https://github.com/stackforge/kolla.git ~/dev/kolla
+
+You can now tweak the Vagrantfile or start a CentOS7-based cluster right away:
+
+ cd ~/dev/kolla/vagrant && vagrant up
+
+The command `vagrant up` will build your cluster, `vagrant status` will give
+you a quick overview once done.
+
+[here]: https://www.vagrantup.com/downloads.html
+
+Vagrant Up
+---------
+
+Once vagrant has completed deploying all nodes, we can focus on launching Kolla.
+First, connect with the _operator_ node:
+
+ vagrant ssh operator
+
+Once connected you can run a simple Ansible-style ping to verify if the cluster is operable:
+
+ ansible -i kolla/ansible/inventory/multinode all -m ping -e ansible_ssh_user=root
+
+Congratulations, your cluster is usable and you can start deploying OpenStack using Ansible!
+
+To speed things up, there is a local registry running on the operator. All nodes are configured
+so they can use this insecure repo to pull from, and they will use it as mirror. Ansible may
+use this registry to pull images from.
+
+All nodes have a local folder shared between the group and the hypervisor, and a folder shared
+between _all_ nodes and the hypervisor. This mapping is lost after reboots, so make sure you use
+the command `vagrant reload ` when reboots are required. Having this shared folder you
+have a method to supply a different docker binary to the cluster. The shared folder is also
+used to store the docker-registry files, so they are save from destructive operations like
+`vagrant destroy`.
+
+Further Reading
+---------------
+
+All Vagrant documentation can be found on their [website][].
+
+[website]: http://docs.vagrantup.com
diff --git a/vagrant/Vagrantfile b/vagrant/Vagrantfile
new file mode 100644
index 0000000000..9a62ffbb0f
--- /dev/null
+++ b/vagrant/Vagrantfile
@@ -0,0 +1,91 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# Configure a new SSH key and config so the operator is able to connect with
+# the other cluster nodes.
+if not File.file?("./vagrantkey")
+ system("ssh-keygen -f ./vagrantkey -N '' -C this-is-vagrant")
+end
+
+Vagrant.configure(2) do |config|
+ # The base image to use
+ # TODO (harmw): something more close to vanilla would be nice, someday.
+ config.vm.box = "puppetlabs/centos-7.0-64-puppet"
+
+ # Next to the hostonly NAT-network there is a host-only network with all
+ # nodes attached. Plus, each node receives a 3rd adapter connected to the
+ # outside public network.
+ # TODO (harmw): see if there is a way to automate the selection of the bridge
+ # interface.
+ config.vm.network "private_network", type: "dhcp"
+ config.vm.network "public_network", ip: "0.0.0.0", bridge: "wlp3s0b1"
+
+ my_privatekey = File.read(File.join(File.dirname(__FILE__), "vagrantkey"))
+ my_publickey = File.read(File.join(File.dirname(__FILE__), "vagrantkey.pub"))
+
+ # TODO (harmw): This is slightly difficult to read.
+ config.vm.provision :shell, :inline => "mkdir -p /root/.ssh && echo '#{my_privatekey}' > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa"
+ config.vm.provision :shell, :inline => "echo '#{my_publickey}' > /root/.ssh/authorized_keys && chmod 600 /root/.ssh/authorized_keys"
+ config.vm.provision :shell, :inline => "mkdir -p /home/vagrant/.ssh && echo '#{my_privatekey}' >> /home/vagrant/.ssh/id_rsa && chmod 600 /home/vagrant/.ssh/*"
+ config.vm.provision :shell, :inline => "echo 'Host *' > ~vagrant/.ssh/config"
+ config.vm.provision :shell, :inline => "echo StrictHostKeyChecking no >> ~vagrant/.ssh/config"
+ config.vm.provision :shell, :inline => "chown -R vagrant: /home/vagrant/.ssh"
+
+ config.hostmanager.enabled = true
+ config.hostmanager.ip_resolver = proc do |vm, resolving_vm|
+ if vm.id
+ `VBoxManage guestproperty get #{vm.id} "/VirtualBox/GuestInfo/Net/1/V4/IP"`.split()[1]
+ end
+ end
+
+ # The operator controls the deployment
+ config.vm.define "operator" do |admin|
+ admin.vm.hostname = "operator.local"
+ admin.vm.provision :shell, path: "bootstrap.sh", args: "operator"
+ admin.vm.synced_folder "storage/operator/", "/data/host", create:"True"
+ admin.vm.synced_folder "storage/shared/", "/data/shared", create:"True"
+ admin.vm.synced_folder ".", "/vagrant", disabled: true
+ admin.vm.provider "virtualbox" do |vb|
+ vb.memory = 1024
+ end
+ admin.hostmanager.aliases = "operator"
+ end
+
+ # Build compute nodes
+ (1..1).each do |i|
+ config.vm.define "compute0#{i}" do |compute|
+ compute.vm.hostname = "compute0#{i}.local"
+ compute.vm.provision :shell, path: "bootstrap.sh"
+ compute.vm.synced_folder "storage/compute/", "/data/host", create:"True"
+ compute.vm.synced_folder "storage/shared/", "/data/shared", create:"True"
+ compute.vm.synced_folder ".", "/vagrant", disabled: true
+ compute.vm.provider "virtualbox" do |vb|
+ vb.memory = 1024
+ end
+ compute.hostmanager.aliases = "compute0#{i}"
+ end
+ end
+
+ # Build support nodes
+ (1..3).each do |i|
+ config.vm.define "support0#{i}" do |support|
+ support.vm.hostname = "support0#{i}.local"
+ support.vm.provision :shell, path: "bootstrap.sh"
+ support.vm.synced_folder "storage/support/", "/data/host", create:"True"
+ support.vm.synced_folder "storage/shared/", "/data/shared", create:"True"
+ support.vm.synced_folder ".", "/vagrant", disabled: true
+ support.vm.provider "virtualbox" do |vb|
+ vb.memory = 2048
+ end
+ support.hostmanager.aliases = "support0#{i}"
+
+ # TODO: Here we bind local port 8080 to Horizon on support01 only.
+ # TODO: Once we implement Horizon behind a VIP, this obviously needs to
+ # be changed.
+ #if i < 2 then
+ # config.vm.network "forwarded_port", guest: 80, host: 8080
+ #end
+ end
+ end
+
+end
diff --git a/vagrant/bootstrap.sh b/vagrant/bootstrap.sh
new file mode 100644
index 0000000000..4a975198c2
--- /dev/null
+++ b/vagrant/bootstrap.sh
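Review bot: The two provisioners that write `id_rsa` sit on the top-level `config.vm`, so the generated private key is copied to every compute and support node, although the comment at the top of the file says only the operator has to connect to the others. Registering those two steps inside the `config.vm.define "operator"` block as `admin.vm.provision`, and leaving only the `authorized_keys` step global (it then needs its own `mkdir -p /root/.ssh`), would keep the key on one VM. The vagrant-user copy also uses `>> /home/vagrant/.ssh/id_rsa`, so each re-provision appends the key again; `>` would match the root variant. The existence check and `ssh-keygen -f` use `./vagrantkey` relative to the working directory while the reads use `File.dirname(__FILE__)`, so the same `File.join(File.dirname(__FILE__), "vagrantkey")` path should be used for both. A comment noting that `vagrantkey` is an unencrypted key in the working tree and must stay out of version control would also help.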
@@ -0,0 +1,124 @@ +#!/usr/bin/env bash +# +# Bootstrap script to configure all nodes. +# + +export http_proxy= +export https_proxy= + +# Install common packages and do some prepwork. +function prepwork { + systemctl stop firewalld + systemctl disable firewalld + + # This removes the fqdn from /etc/hosts's 127.0.0.1. This name.local will + # resolve to the public IP instead of localhost. + sed -i -r "s/^(127\.0\.0\.1\s+)(.*) `hostname` (.+)/\1 \3/" /etc/hosts + + yum install -y http://mirror.nl.leaseweb.net/epel/7/x86_64/e/epel-release-7-5.noarch.rpm + yum install -y MySQL-python vim-enhanced python-pip python-devel gcc openssl-devel libffi-devel libxml2-devel libxslt-devel && yum clean all + pip install --upgrade docker-py shade +} + +# Install and configure a quick&dirty docker daemon. +function installdocker { + # Allow for an externally supplied docker binary. + if [ -f "/data/docker" ]; then + cp /vagrant/docker /usr/bin/docker + chmod +x /usr/bin/docker + else + cat >/etc/yum.repos.d/docker.repo <<-EOF +[dockerrepo] +name=Docker Repository +baseurl=https://yum.dockerproject.org/repo/main/centos/7 +enabled=1 +gpgcheck=1 +gpgkey=https://yum.dockerproject.org/gpg +EOF + # Also upgrade device-mapper here because of: + # https://github.com/docker/docker/issues/12108 + yum install -y docker-engine device-mapper + + # Despite it shipping with /etc/sysconfig/docker, Docker is not configured to + # load it from it's service file. + sed -i -r 's,(ExecStart)=(.+),\1=\2 --insecure-registry operator.local:5000 --registry-mirror=http://operator.local:5000,' /usr/lib/systemd/system/docker.service + + systemctl daemon-reload + systemctl enable docker + systemctl start docker + fi + + usermod -aG docker vagrant +} + +# Configure the operator node and install some additional packages. +function configureoperator { + yum install -y git mariadb && yum clean all + pip install --upgrade ansible python-openstackclient + + if [ ! 
-d ~vagrant/kolla ]; then + su - vagrant sh -c "https_proxy=$https_proxy git clone https://github.com/stackforge/kolla.git ~/kolla" + pip install -r ~vagrant/kolla/requirements.txt + fi + + # Note: this trickery requires a patched docker binary. + if [ "$http_proxy" = "" ]; then + su - vagrant sh -c "echo BUILDFLAGS=\\\"--build-env=http_proxy=$http_proxy --build-env=https_proxy=$https_proxy\\\" > ~/kolla/.buildconf" + fi + + ln -sf ~vagrant/kolla/etc/kolla/ /etc/kolla + ln -sf ~vagrant/kolla/etc/kolla/ /usr/share/kolla + + # Make sure Ansible uses scp. + cat > ~vagrant/.ansible.cfg < ~vagrant/openrc < ~vagrant/tag-and-push.sh <