Update MNAIO for Focal

This patch removes legacy support for 14.04/16.04/18.04
on the deploy node and moves the default deploy to
Xena on 20.04 LTS. Root disk size has been bumped to support
upgrades (8 GB -> 12 GB).

Change-Id: I81a13464b9daa90090cb380e2b0d89e5eb8fe89a
James Denton 2022-01-12 21:12:57 +00:00
parent 5c1bd46f91
commit ab91446804
21 changed files with 133 additions and 482 deletions

View File

@ -1,6 +1,6 @@
OpenStack-Ansible Multi-Node AIO OpenStack-Ansible Multi-Node AIO
################################ ################################
:date: 2016-03-09 :date: 2022-01-12
:tags: rackspace, openstack, ansible :tags: rackspace, openstack, ansible
:category: \*openstack, \*nix :category: \*openstack, \*nix
@ -20,7 +20,7 @@ Process
------- -------
Create at least one physical host that has public network access and is running Create at least one physical host that has public network access and is running
an Ubuntu 14.04/16.04/18.04 LTS Operating system. System assumes that you have an an Ubuntu 20.04 LTS Operating system. System assumes that you have an
unpartitioned device with at least 1TB of storage, however you can customize the unpartitioned device with at least 1TB of storage, however you can customize the
size of each VM volume by setting the option ``${VM_DISK_SIZE}``. If you're size of each VM volume by setting the option ``${VM_DISK_SIZE}``. If you're
using the Rackspace OnMetal servers the drive partitioning will be done for you using the Rackspace OnMetal servers the drive partitioning will be done for you
@ -55,8 +55,6 @@ Physical Host Specs known to work well
20 124GB 1.3TB 20 124GB 1.3TB
=========== ======== ============ =========== ======== ============
These specs are covered by the Rackspace OnMetal-IO v1/2 Servers.
Deployments default to the ML2/LinuxBridge network plugin. Available options Deployments default to the ML2/LinuxBridge network plugin. Available options
at this time include: at this time include:
@ -80,6 +78,14 @@ to executing the build:
export MNAIO_ANSIBLE_PARAMETERS="-e osa_enable_networking_ovs_dvr=true" export MNAIO_ANSIBLE_PARAMETERS="-e osa_enable_networking_ovs_dvr=true"
./build.sh ./build.sh
To deploy an MNAIO without LXC, set the following parameter(s) prior
to executing the build:
.. code-block:: bash
export MNAIO_ANSIBLE_PARAMETERS="-e osa_no_containers=true"
./build.sh
When your ready, run the build script by executing ``bash ./build.sh``. The When your ready, run the build script by executing ``bash ./build.sh``. The
build script current executes a deployment of OpenStack Ansible using the master build script current executes a deployment of OpenStack Ansible using the master
branch. If you want to do something other than deploy master you can set the branch. If you want to do something other than deploy master you can set the
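
Review bot: the added README example sets the same variable as the OVS DVR example directly above it (`export MNAIO_ANSIBLE_PARAMETERS="-e osa_no_containers=true"`), so a reader who runs both examples in order ends up with only the last option in effect. Add a sentence saying that several `-e` options go into one `MNAIO_ANSIBLE_PARAMETERS` value.
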
@ -157,8 +163,8 @@ Instruct the system do all of the required DHCPD setup:
Instruct the system to Kick all of the VMs: Instruct the system to Kick all of the VMs:
``DEPLOY_VMS=${DEPLOY_VMS:-true}`` ``DEPLOY_VMS=${DEPLOY_VMS:-true}``
Instruct the VM to use the selected image, eg. ubuntu-16.04-amd64: Instruct the VM to use the selected image, eg. ubuntu-18.04-amd64:
``DEFAULT_IMAGE=${DEFAULT_IMAGE:-ubuntu-16.04-amd64}`` ``DEFAULT_IMAGE=${DEFAULT_IMAGE:-ubuntu-18.04-amd64}``
Instruct the VM to use the selected kernel meta package, eg. linux-generic: Instruct the VM to use the selected kernel meta package, eg. linux-generic:
``DEFAULT_KERNEL=${DEFAULT_KERNEL:-linux-image-generic}`` ``DEFAULT_KERNEL=${DEFAULT_KERNEL:-linux-image-generic}``
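
Review bot: the two updated README lines give `ubuntu-18.04-amd64` as the example and default for `DEFAULT_IMAGE`, while the same change sets the default to `ubuntu-20.04-amd64` in the build script and in the playbook defaults. Change both README lines to 20.04 so the documented default matches what is deployed.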

View File

@ -27,18 +27,15 @@ build-essential [platform:dpkg]
git-core [platform:dpkg] git-core [platform:dpkg]
libssl-dev [platform:dpkg] libssl-dev [platform:dpkg]
libffi-dev [platform:dpkg] libffi-dev [platform:dpkg]
python2.7 [platform:dpkg] python3 [platform:dpkg]
python-apt [platform:dpkg] python3-apt [platform:dpkg]
python-dev [platform:dpkg] python3-dev [platform:dpkg]
# Base requirements for RPM distros # Base requirements for RPM distros
gcc [platform:rpm] gcc [platform:rpm]
gcc-c++ [platform:rpm] gcc-c++ [platform:rpm]
git [platform:rpm] git [platform:rpm]
libffi-devel [platform:rpm !platform:opensuseproject-42]
libffi-devel-gcc5 [platform:opensuseproject-42]
openssl-devel [platform:redhat] openssl-devel [platform:redhat]
libopenssl-devel [platform:suse]
python-devel [platform:rpm] python-devel [platform:rpm]
python2-dnf [platform:fedora] python2-dnf [platform:fedora]
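
Review bot: both `libffi-devel` lines are removed, including `libffi-devel [platform:rpm !platform:opensuseproject-42]`, which was the only libffi entry covering RPM platforms in general, while `gcc`, `openssl-devel [platform:redhat]` and `python-devel [platform:rpm]` stay. If RPM hosts are still meant to work, keep a plain `libffi-devel [platform:rpm]`; if not, remove the rest of the RPM section as well. The RPM entries that remain (`python-devel`, `python2-dnf`) are also still Python 2 names next to the python3 dpkg entries.
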
@ -49,15 +46,12 @@ libsemanage-python [platform:redhat]
# For SSL SNI support # For SSL SNI support
python-pyasn1 [platform:dpkg platform:suse] python-pyasn1 [platform:dpkg platform:suse]
python-openssl [platform:dpkg] python-openssl [platform:dpkg]
python-ndg-httpsclient [platform:ubuntu !platform:ubuntu-14] python3-ndg-httpsclient [platform:ubuntu]
python2-pyasn1 [platform:redhat] python2-pyasn1 [platform:redhat]
python2-pyOpenSSL [platform:redhat !platform:fedora] python2-pyOpenSSL [platform:redhat !platform:fedora]
pyOpenSSL [platform:fedora] pyOpenSSL [platform:fedora]
python-pyOpenSSL [platform:opensuseproject-42]
python2-pyOpenSSL [platform:suse !platform:opensuseproject-42]
python-ndg_httpsclient [platform:redhat !platform:fedora] python-ndg_httpsclient [platform:redhat !platform:fedora]
python2-ndg_httpsclient [platform:fedora] python2-ndg_httpsclient [platform:fedora]
python-ndg-httpsclient [platform:suse]
# Required for compressing collected log files in CI # Required for compressing collected log files in CI
gzip gzip
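
Review bot: `python-pyasn1 [platform:dpkg platform:suse]` and `python-openssl [platform:dpkg]` keep their Python 2 package names although the dpkg base requirements and `python3-ndg-httpsclient` in this same change move to python3. These are the packages listed for SSL SNI support, and the Python 2 builds do not provide modules to a python3 interpreter. Rename them to the python3 packages, and drop the `platform:suse` selector since the other suse lines are removed here.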

View File

@ -20,11 +20,7 @@ BINDEP_FILE=${BINDEP_FILE:-bindep.txt}
# We use the OSA branch variable to pin both the plugins # We use the OSA branch variable to pin both the plugins
# and the ansible version used to work together. # and the ansible version used to work together.
# TODO(odyssey4me): export OSA_DEPS_BRANCH=${OSA_DEPS_BRANCH:-master}
# Switch this to use the master branch once the following
# bug is fixed.
# https://github.com/ansible/ansible/issues/47301
export OSA_DEPS_BRANCH=${OSA_DEPS_BRANCH:-stable/rocky}
source /etc/os-release || source /usr/lib/os-release source /etc/os-release || source /usr/lib/os-release
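
Review bot: the default for `OSA_DEPS_BRANCH` changes from `stable/rocky` to `master`, although the comment kept above it says this variable exists to pin the plugins and the Ansible version. With a moving branch as the default, two runs of the same checkout can install different tooling. The commit message targets Xena, so consider defaulting to the stable branch for that release and leaving `master` as an explicit override. The removed TODO tied the old pin to ansible issue 47301; the commit message should say that the issue no longer applies.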

View File

@ -42,7 +42,7 @@ ansible-playbook -vv \
-e osa_branch=${OSA_BRANCH:-"master"} \ -e osa_branch=${OSA_BRANCH:-"master"} \
-e os_ops_branch=${OS_OPS_BRANCH:-"master"} \ -e os_ops_branch=${OS_OPS_BRANCH:-"master"} \
-e default_network=${DEFAULT_NETWORK:-"eth0"} \ -e default_network=${DEFAULT_NETWORK:-"eth0"} \
-e default_image=${DEFAULT_IMAGE:-"ubuntu-18.04-amd64"} \ -e default_image=${DEFAULT_IMAGE:-"ubuntu-20.04-amd64"} \
-e vm_disk_size=${VM_DISK_SIZE:-92160} \ -e vm_disk_size=${VM_DISK_SIZE:-92160} \
-e http_proxy=${http_proxy:-''} \ -e http_proxy=${http_proxy:-''} \
-e run_osa=${RUN_OSA:-"true"} \ -e run_osa=${RUN_OSA:-"true"} \

View File

@ -114,32 +114,6 @@
set_fact: set_fact:
network_setup: "{{ images[default_vm_image]['network_setup'] }}" network_setup: "{{ images[default_vm_image]['network_setup'] }}"
# ENI Block
- name: Generate guest networking scripts for /e/n/i family
template:
src: "pxe/configs/eni/vm-bridges.cfg.j2"
dest: /var/www/pxe/networking/{{ hostvars[item]['server_hostname'] }}-bridges.cfg
mode: "0644"
owner: root
group: root
with_items: "{{ groups['pxe_servers'] }}"
when: network_setup | lower == "eni"
- name: Generate post-install network scripts for /e/n/i family
template:
src: "pxe/configs/eni/{{ item.src }}"
dest: /var/www/pxe/{{ item.dir }}/{{ item.dest }}
mode: "0644"
owner: root
group: root
with_items:
- src: basic-interface.cfg
dest: basic-debian-interface.cfg
dir: networking
- src: eni-post-network-script.sh.j2
dest: vm-post-network-script.sh
dir: scripts
when: network_setup | lower == "eni"
# Systemd-networkd Block # Systemd-networkd Block
- name: Generate vm network scripts for systemd-network family - name: Generate vm network scripts for systemd-network family
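
Review bot: with the two `eni` tasks removed, an image whose `network_setup` is `eni` now gets no guest networking files and nothing reports it, because `network_setup` is still taken from `images[default_vm_image]` in the `set_fact` just above. Add an assert after that `set_fact` which fails on an unsupported value, so a stale or custom `DEFAULT_IMAGE` stops the run early instead of producing VMs without network configuration.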

View File

@ -249,25 +249,6 @@
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
# In vm-post-install-script.sh.j2 we chattr +i the interfaces file to prevent
# the preseed system from overwriting the file after we've modified it. The
# task below simply removes the immutable attribute.
- name: Remove immutable attr from /etc/network/interfaces
hosts: vm_servers
gather_facts: true
environment: "{{ deployment_environment_variables | default({}) }}"
tags:
- deploy-vms
tasks:
- name: Remove immutable attr from /etc/network/interfaces
file:
path: /etc/network/interfaces
attr: ""
when:
- ansible_distribution | lower == "ubuntu"
- ansible_distribution_release | lower == "trusty"
- name: Set MaxSessions and MaxStartups to reduce connection failures - name: Set MaxSessions and MaxStartups to reduce connection failures
hosts: vm_servers hosts: vm_servers
gather_facts: "{{ gather_facts | default(true) }}" gather_facts: "{{ gather_facts | default(true) }}"
@ -363,6 +344,12 @@
size: "100%FREE" size: "100%FREE"
shrink: false shrink: false
- name: Modify scan_lvs for nested vg
replace:
path: /etc/lvm/lvm.conf
regexp: "scan_lvs = 0"
replace: "scan_lvs = 1"
- name: Create data cinder-volumes VG - name: Create data cinder-volumes VG
lvg: lvg:
vg: cinder-volumes vg: cinder-volumes
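
Review bot: in the new "Modify scan_lvs for nested vg" task, `regexp: "scan_lvs = 0"` is a literal, unanchored match. It also rewrites a commented line such as `# scan_lvs = 0` (which stays a comment), and it changes nothing when the setting is absent or spaced differently; in both cases the task reports success and the following "Create data cinder-volumes VG" task runs with the setting unchanged. Use `lineinfile` with a regexp anchored on the start of the line that tolerates whitespace and a leading `#`, so the file ends up with an active `scan_lvs = 1` line in every case.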

View File

@ -12,13 +12,13 @@
# limitations under the License. # limitations under the License.
default_interface: "{{ default_network | default('eth0') }}" default_interface: "{{ default_network | default('eth0') }}"
default_vm_image: "{{ default_image | default('ubuntu-16.04-amd64') }}" default_vm_image: "{{ default_image | default('ubuntu-20.04-amd64') }}"
default_vm_storage: "{{ vm_disk_size | default(92160) }}" default_vm_storage: "{{ vm_disk_size | default(92160) }}"
default_vm_root_disk_size: 8192 default_vm_root_disk_size: 12288
default_acng_bind_address: 0.0.0.0 default_acng_bind_address: 0.0.0.0
default_os_families: default_os_families:
ubuntu-16.04-amd64: debian ubuntu-20.04-amd64: debian
ubuntu-14.04-amd64: debian ubuntu-18.04-amd64: debian
default_ubuntu_kernel: linux-generic default_ubuntu_kernel: linux-generic
default_ubuntu_mirror_proxy: 'http://10.0.2.1:3142/' default_ubuntu_mirror_proxy: 'http://10.0.2.1:3142/'
@ -44,6 +44,21 @@ tftp_port: 69
# Default ISO images # Default ISO images
images: images:
ubuntu-20.04-amd64:
image_type: "debian"
network_setup: "systemd-networkd"
image_os: "ubuntu"
image-version: "focal"
image_kernel_options: "biosdevname=0 net.ifnames=0 auto=true priority=critical"
image_netboot_kernel_url: "http://archive.ubuntu.com/ubuntu/dists/focal-updates/main/installer-amd64/current/legacy-images/netboot/ubuntu-installer/amd64/linux"
image_netboot_initrd_url: "http://archive.ubuntu.com/ubuntu/dists/focal-updates/main/installer-amd64/current/legacy-images/netboot/ubuntu-installer/amd64/initrd.gz"
image_configs:
vm:
url: "http://{{ tftp_server }}/configs/vm.config"
template_name: "vm.config"
vm-compute:
url: "http://{{ tftp_server }}/configs/vm-compute.config"
template_name: "vm-compute.config"
ubuntu-18.04-amd64: ubuntu-18.04-amd64:
image_type: "debian" image_type: "debian"
network_setup: "systemd-networkd" network_setup: "systemd-networkd"
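
Review bot: the new `ubuntu-20.04-amd64` entry spells its key `image-version: "focal"` with a hyphen. The removed xenial entry used the same spelling, but the removed trusty and centos-7 entries used `image_version`, so one of the two spellings is not what the templates read. Confirm which key is consumed and use it here and in the 18.04 entry. The netboot `linux` and `initrd.gz` for this entry are also fetched over plain `http://archive.ubuntu.com/...` with no checksum; since every VM boots from these two files, record their digests and verify them after download.
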
@ -59,51 +74,6 @@ images:
vm-compute: vm-compute:
url: "http://{{ tftp_server }}/configs/vm-compute.config" url: "http://{{ tftp_server }}/configs/vm-compute.config"
template_name: "vm-compute.config" template_name: "vm-compute.config"
ubuntu-16.04-amd64:
image_type: "debian"
network_setup: "eni"
image_os: "ubuntu"
image-version: "xenial"
image_kernel_options: "biosdevname=0 net.ifnames=0 auto=true priority=critical"
image_netboot_kernel_url: "http://archive.ubuntu.com/ubuntu/dists/xenial-updates/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/linux"
image_netboot_initrd_url: "http://archive.ubuntu.com/ubuntu/dists/xenial-updates/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/initrd.gz"
image_configs:
vm:
url: "http://{{ tftp_server }}/configs/vm.config"
template_name: "vm.config"
vm-compute:
url: "http://{{ tftp_server }}/configs/vm-compute.config"
template_name: "vm-compute.config"
ubuntu-14.04-amd64:
image_type: "debian"
network_setup: "eni"
image_os: "ubuntu"
image_version: "trusty"
image_kernel_options: "biosdevname=0 net.ifnames=0 auto=true priority=critical quiet splash"
image_netboot_kernel_url: "http://archive.ubuntu.com/ubuntu/dists/trusty-updates/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/linux"
image_netboot_initrd_url: "http://archive.ubuntu.com/ubuntu/dists/trusty-updates/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/initrd.gz"
image_configs:
vm:
url: "http://{{ tftp_server }}/configs/vm.config"
template_name: "vm.config"
vm-compute:
url: "http://{{ tftp_server }}/configs/vm-compute.config"
template_name: "vm-compute.config"
centos-7-amd64:
image_type: "redhat"
network_setup: "systemd-networkd"
image_version: 7
image_netboot_kernel_url: "http://mirrors.edge.kernel.org/centos/7/os/x86_64/images/pxeboot/vmlinuz"
image_netboot_initrd_url: "http://mirrors.edge.kernel.org/centos/7/os/x86_64/images/pxeboot/initrd.img"
image_repo_base_url: "http://mirrors.edge.kernel.org/centos/7"
image_kernel_options: ""
image_configs:
vm:
url: "http://{{ tftp_server }}/configs/vm.config"
template_name: "vm.config"
vm-compute:
url: "http://{{ tftp_server }}/configs/vm-compute.config"
template_name: "vm-compute.config"
# mnaio_data_disk: 'sdc' # str - not required, set this to define a given data disk if no data disk # mnaio_data_disk: 'sdc' # str - not required, set this to define a given data disk if no data disk
# is defined the largest unpartitioned disk will be used. # is defined the largest unpartitioned disk will be used.
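
Review bot: the `centos-7-amd64` image definition is removed along with the 16.04 and 14.04 entries, but the commit message only mentions dropping Ubuntu 14.04/16.04/18.04. State the CentOS removal in the commit message or a release note so that anyone setting `DEFAULT_IMAGE=centos-7-amd64` knows it is intentional.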

View File

@ -16,6 +16,9 @@ used_ips:
global_overrides: global_overrides:
internal_lb_vip_address: "{{ internal_lb_vip_address | default(hostvars[groups['loadbalancer_hosts'][0]]['server_networks']['mgmt']['address'].split('/')[0]) }}" internal_lb_vip_address: "{{ internal_lb_vip_address | default(hostvars[groups['loadbalancer_hosts'][0]]['server_networks']['mgmt']['address'].split('/')[0]) }}"
external_lb_vip_address: "{{ external_lb_vip_address | default(hostvars[groups['loadbalancer_hosts'][0]]['server_vm_fixed_addr']) }}" external_lb_vip_address: "{{ external_lb_vip_address | default(hostvars[groups['loadbalancer_hosts'][0]]['server_vm_fixed_addr']) }}"
{% if osa_no_containers | bool %}
no_containers: True
{% endif %}
tunnel_bridge: "br-vxlan" tunnel_bridge: "br-vxlan"
management_bridge: "br-mgmt" management_bridge: "br-mgmt"
provider_networks: provider_networks:
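
Review bot: `{% if osa_no_containers | bool %}` reads a variable for which this change shows no default. Unless one is defined in a file outside this diff, rendering the template without `-e osa_no_containers=...` fails on an undefined variable. Write the condition as `osa_no_containers | default(false) | bool`, or add the default to the playbook vars.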

View File

@ -1,172 +0,0 @@
#!/usr/bin/env bash
# Load service variables
source /root/openrc
# Provide defaults for unset variables
# Set first two octets of network used for containers, storage, etc
NETWORK_BASE=${NETWORK_BASE:-172.29}
# Create base flavors for the new deployment
for flavor in micro tiny mini small medium large xlarge heavy; do
NAME="m1.${flavor}"
ID="${ID:-0}"
RAM="${RAM:-256}"
DISK="${DISK:-1}"
VCPU="${VCPU:-1}"
SWAP="${SWAP:-0}"
EPHEMERAL="${EPHEMERAL:-0}"
nova flavor-delete $ID > /dev/null || echo "No Flavor with ID: [ $ID ] found to clean up"
nova flavor-create $NAME $ID $RAM $DISK $VCPU --swap $SWAP --is-public true --ephemeral $EPHEMERAL --rxtx-factor 1
let ID=ID+1
let RAM=RAM*2
if [ "$ID" -gt 5 ];then
let VCPU=VCPU*2
let DISK=DISK*2
let EPHEMERAL=256
let SWAP=4
elif [ "$ID" -gt 4 ];then
let VCPU=VCPU*2
let DISK=DISK*4+$DISK
let EPHEMERAL=$DISK/2
let SWAP=4
elif [ "$ID" -gt 3 ];then
let VCPU=VCPU*2
let DISK=DISK*4+$DISK
let EPHEMERAL=$DISK/3
let SWAP=4
elif [ "$ID" -gt 2 ];then
let VCPU=VCPU+$VCPU/2
let DISK=DISK*4
let EPHEMERAL=$DISK/3
let SWAP=4
elif [ "$ID" -gt 1 ];then
let VCPU=VCPU+1
let DISK=DISK*2+$DISK
fi
done
# Neutron provider network setup
neutron net-create GATEWAY_NET \
--router:external=True \
--provider:physical_network=flat \
--provider:network_type=flat
neutron subnet-create GATEWAY_NET ${NETWORK_BASE}.248.0/22 \
--name GATEWAY_NET_SUBNET \
--gateway ${NETWORK_BASE}.248.1 \
--allocation-pool start=${NETWORK_BASE}.248.201,end=${NETWORK_BASE}.248.255 \
--dns-nameservers list=true ${DNS_NAMESERVER:-8.8.8.8}
# Neutron private network setup
neutron net-create PRIVATE_NET \
--shared \
--router:external=True \
--provider:network_type=vxlan \
--provider:segmentation_id 101
neutron subnet-create PRIVATE_NET 192.168.0.0/24 \
--name PRIVATE_NET_SUBNET
# Neutron router setup
ROUTER_ID=$(neutron router-create GATEWAY_NET_ROUTER | grep -w id | awk '{print $4}')
neutron router-gateway-set \
${ROUTER_ID} \
$(neutron net-list | awk '/GATEWAY_NET/ {print $2}')
neutron router-interface-add \
${ROUTER_ID} \
$(neutron subnet-list | awk '/PRIVATE_NET_SUBNET/ {print $2}')
# Neutron security group setup
for id in $(neutron security-group-list -f yaml | awk '/- id\:/ {print $3}'); do
# Allow ICMP
neutron security-group-rule-create --protocol icmp \
--direction ingress \
$id || true
# Allow all TCP
neutron security-group-rule-create --protocol tcp \
--port-range-min 1 \
--port-range-max 65535 \
--direction ingress \
$id || true
# Allow all UDP
neutron security-group-rule-create --protocol udp \
--port-range-min 1 \
--port-range-max 65535 -\
-direction ingress \
$id || true
done
# Create some default images
wget http://uec-images.ubuntu.com/releases/14.04/release/ubuntu-14.04-server-cloudimg-amd64-disk1.img
glance image-create --name 'Ubuntu 14.04 LTS' \
--container-format bare \
--disk-format qcow2 \
--visibility public \
--progress \
--file ubuntu-14.04-server-cloudimg-amd64-disk1.img
rm ubuntu-14.04-server-cloudimg-amd64-disk1.img
wget http://uec-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-amd64-disk1.img
glance image-create --name 'Ubuntu 16.04' \
--container-format bare \
--disk-format qcow2 \
--visibility public \
--progress \
--file ubuntu-16.04-server-cloudimg-amd64-disk1.img
rm ubuntu-16.04-server-cloudimg-amd64-disk1.img
wget http://dfw.mirror.rackspace.com/fedora/releases/24/CloudImages/x86_64/images/Fedora-Cloud-Base-24-1.2.x86_64.qcow2
glance image-create --name 'Fedora 24' \
--container-format bare \
--disk-format qcow2 \
--visibility public \
--progress \
--file Fedora-Cloud-Base-24-1.2.x86_64.qcow2
rm Fedora-Cloud-Base-24-1.2.x86_64.qcow2
wget http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2
glance image-create --name 'CentOS 7' \
--container-format bare \
--disk-format qcow2 \
--visibility public \
--progress \
--file CentOS-7-x86_64-GenericCloud.qcow2
rm CentOS-7-x86_64-GenericCloud.qcow2
wget http://download.opensuse.org/repositories/Cloud:/Images:/Leap_42.1/images/openSUSE-Leap-42.1-OpenStack.x86_64-0.0.4-Build2.12.qcow2
glance image-create --name 'OpenSuse Leap 42' \
--container-format bare \
--disk-format qcow2 \
--visibility public \
--progress \
--file openSUSE-Leap-42.1-OpenStack.x86_64-0.0.4-Build2.12.qcow2
rm openSUSE-Leap-42.1-OpenStack.x86_64-0.0.4-Build2.12.qcow2
wget http://cdimage.debian.org/cdimage/openstack/current/debian-8.6.0-openstack-amd64.qcow2
glance image-create --name 'Debian 8.6.0' \
--container-format bare \
--disk-format qcow2 \
--visibility public \
--progress \
--file debian-8.6.0-openstack-amd64.qcow2
rm debian-8.6.0-openstack-amd64.qcow2
wget http://cdimage.debian.org/cdimage/openstack/testing/debian-testing-openstack-amd64.qcow2
glance image-create --name "Debian TESTING $(date +%m-%d-%y)" \
--container-format bare \
--disk-format qcow2 \
--visibility public \
--progress \
--file debian-testing-openstack-amd64.qcow2
rm debian-testing-openstack-amd64.qcow2
wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
glance image-create --name "Cirros-0.3.4" \
--container-format bare \
--disk-format qcow2 \
--visibility public \
--progress \
--file cirros-0.3.4-x86_64-disk.img
rm cirros-0.3.4-x86_64-disk.img

View File

@ -22,9 +22,7 @@ PassThroughPattern: .*
{% if http_proxy is defined and http_proxy %} {% if http_proxy is defined and http_proxy %}
Proxy: {{ http_proxy }} Proxy: {{ http_proxy }}
{% endif %} {% endif %}
{% if ansible_distribution_release | lower != 'trusty' %}
VfilePatternEx: ^/\?release=[0-9]+&arch= VfilePatternEx: ^/\?release=[0-9]+&arch=
{% endif %}
# NOTE(mhayden): Caching the CentOS mirror list causes yum to throw # NOTE(mhayden): Caching the CentOS mirror list causes yum to throw
# 503 errors intermittently since the remote file is dynamic. Also, # 503 errors intermittently since the remote file is dynamic. Also,
# yum has issues with retrieving the mariadb.org repodata bz2 and # yum has issues with retrieving the mariadb.org repodata bz2 and

View File

@ -1,7 +0,0 @@
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
source /etc/network/interfaces.d/*.cfg

View File

@ -1,30 +0,0 @@
#!/usr/bin/env bash
wget --no-proxy http://{{ tftp_server }}/networking/$(cat /etc/hostname)-bridges.cfg -O /etc/network/interfaces.d/vm-bridges.cfg
wget --no-proxy http://{{ tftp_server }}/networking/basic-debian-interface.cfg -O /etc/network/interfaces
# Trusty VMs seem to have their interfaces file overwritten after we write to
# it, so we make it immutable to ensure no further changes take place
# NOTE: We remove the immutable attr in deploy-vms.yml once the instance is up
# and accessible.
[[ "$(lsb_release -sc)" == "trusty" ]] && chattr +i /etc/network/interfaces
cat > /etc/network/if-up.d/post-up-rules <<EOF
#!/usr/bin/env bash
function iptables_filter_rule_add {
if ! iptables -w -t $1 -C $2;then
/sbin/iptables -w -t $1 -I $2
fi
}
# To ensure ssh checksum is correct
iptables_filter_rule_add "mangle" "POSTROUTING -p tcp --dport 22 -j CHECKSUM --checksum-fill"
# To provide internet connectivity to instances
iptables_filter_rule_add "nat" "POSTROUTING -o \$(ip route get 1 | awk '{print $5}') -j MASQUERADE"
# Make sure instances can talk to the metadata server
iptables_filter_rule_add "mangle" "POSTROUTING -p tcp --sport 80 -j CHECKSUM --checksum-fill"
EOF
chmod + /etc/network/if-up.d/post-up-rules

View File

@ -1,44 +0,0 @@
# Physical interface, could be bond. This only needs to be set once
{% set server_networks = hostvars[item]['server_networks'] %}
{% for key, value in server_networks.items()|sort(attribute='1.iface') %}
{% if value.iface is defined %}
auto {{ value.iface }}
iface {{ value.iface }} inet manual
{% endif %}
{% endfor %}
{% for key, value in server_networks.items()|sort(attribute='1.iface') %}
auto br-{{ key }}
iface br-{{ key }} inet {{ value.inet_type }}
bridge_stp off
bridge_waitport 10
bridge_fd 0
offload-sg off
{% if value.iface is defined and key == "flat" %}
pre-up ip link add br-veth-{{ key }} type veth peer name v{{ value.iface }} || true
# Set both ends UP
pre-up ip link set br-veth-{{ key }} up
pre-up ip link set v{{ value.iface }} up
# Delete veth pair on DOWN
post-down ip link del br-vlan-veth || true
bridge_ports {{ value.iface }} br-veth-{{ key }}
{% elif value.iface is defined and key == "lbaas" %}
pre-up ip link add lb-veth-inbr type veth peer name lb-veth-ovrd || true
# Set both ends UP
pre-up ip link set lb-veth-inbr up
pre-up ip link set lb-veth-ovrd up
# Delete veth pair on DOWN
post-down ip link del br-vlan-veth || true
bridge_ports {{ value.iface }} lb-veth-inbr
{% elif value.iface is defined %}
bridge_ports {{ value.iface | default('none') }}
{% else %}
bridge_ports none
{% endif %}
{% if value.address is defined %}
address {{ value.address }}
{% endif %}
{% endfor %}

View File

@ -23,12 +23,10 @@
- name: Check for a supported Operating System - name: Check for a supported Operating System
assert: assert:
that: that:
- (ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'xenial') or - (ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'focal')
(ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'bionic')
msg: >- msg: >-
The only supported host platforms for this tooling are Ubuntu 16.04 LTS (Xenial) The only supported host platforms for this tooling are Ubuntu 20.04 LTS (Focal).
and Ubuntu 18.04 LTS (Bionic). Patches to add support for other distributions are Patches to add support for other distributions are most welcome.
most welcome.
- name: Gather variables for each operating system - name: Gather variables for each operating system
include_vars: "{{ item }}" include_vars: "{{ item }}"
@ -367,6 +365,7 @@
fstype: ext4 fstype: ext4
dev: "/dev/{{ mnaio_data_disk }}{{ mnaio_data_disk_suffix | default('1') }}" dev: "/dev/{{ mnaio_data_disk }}{{ mnaio_data_disk_suffix | default('1') }}"
force: yes force: yes
resizefs: yes
when: when:
- _add_partition is changed - _add_partition is changed
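
Review bot: `resizefs: yes` is added to a task that already sets `force: yes` on `/dev/{{ mnaio_data_disk }}{{ mnaio_data_disk_suffix | default('1') }}`. One option grows an existing filesystem and the other allows it to be overwritten, so say in a comment which behaviour is intended when the partition already holds an ext4 filesystem, and drop `force: yes` if the goal is to keep existing data.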

View File

@ -129,27 +129,18 @@ security_group_rules:
# Create some default images # Create some default images
images: images:
- name: Ubuntu 14.04 LTS - name: Ubuntu 18.04 LTS
format: qcow2 format: qcow2
url: http://uec-images.ubuntu.com/releases/14.04/release/ubuntu-14.04-server-cloudimg-amd64-disk1.img url: https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img
- name: Ubuntu 16.04 - name: Ubuntu 20.04 LTS
format: qcow2 format: qcow2
url: http://uec-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-amd64-disk1.img url: https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
- name: Fedora 27 - name: CentOS 9 Stream
format: qcow2 format: qcow2
url: http://dfw.mirror.rackspace.com/fedora/releases/27/CloudImages/x86_64/images/Fedora-Cloud-Base-27-1.6.x86_64.qcow2 url: https://cloud.centos.org/centos/9-stream/x86_64/images/CentOS-Stream-GenericCloud-9-20220112.1.x86_64.qcow2
- name: CentOS 7 - name: Debian 10 Latest
format: qcow2 format: qcow2
url: http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2 url: https://cdimage.debian.org/cdimage/openstack/current-10/debian-10-openstack-amd64.qcow2
- name: OpenSuse Leap 42.3 - name: Cirros-0.5.2
format: qcow2 format: qcow2
url: http://download.opensuse.org/repositories/Cloud:/Images:/Leap_42.3/images/openSUSE-Leap-42.3-OpenStack.x86_64.qcow2 url: http://download.cirros-cloud.net/0.5.2/cirros-0.5.2-x86_64-disk.img
- name: Debian 9 Latest
format: qcow2
url: http://cdimage.debian.org/cdimage/openstack/current-9/debian-9-openstack-amd64.qcow2
- name: Debian TESTING
format: qcow2
url: http://cdimage.debian.org/cdimage/openstack/testing/debian-testing-openstack-amd64.qcow2
- name: Cirros-0.3.5
format: qcow2
url: http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
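
Review bot: the `Cirros-0.5.2` entry still downloads over `http://download.cirros-cloud.net/...` while every other image in this list moves to https, and no entry carries a checksum, so the Cirros image is fetched with neither transport nor content integrity. Switch it to https if the host serves it, and add a per-image digest that is verified before upload. Separately, the CentOS 9 Stream URL names a dated build (`20220112.1`) where the other entries use a `current` path; a dated build stops resolving once it is rotated off the mirror.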

View File

@ -17,27 +17,24 @@ mnaio_host_required_distro_packages:
- ubuntu-cloud-keyring - ubuntu-cloud-keyring
mnaio_host_package_repos: mnaio_host_package_repos:
- repo: "deb http://ubuntu-cloud.archive.canonical.com/ubuntu {{ ansible_lsb.codename }}-updates/queens main" - repo: "deb http://ubuntu-cloud.archive.canonical.com/ubuntu {{ ansible_lsb.codename }}-updates/xena main"
state: present state: present
filename: "uca" filename: "uca"
condition: "{{ ansible_lsb.codename == 'xenial' }}" condition: "{{ ansible_lsb.codename == 'focal' }}"
- repo: "deb http://ubuntu-cloud.archive.canonical.com/ubuntu {{ ansible_lsb.codename }}-updates/rocky main"
state: present
filename: "uca"
condition: "{{ ansible_lsb.codename == 'bionic' }}"
mnaio_host_distro_packages: mnaio_host_distro_packages:
- bridge-utils - bridge-utils
- ifenslave - ifenslave
- iptables-persistent - iptables-persistent
- libguestfs-tools - libguestfs-tools
- libvirt-bin - libvirt-daemon-system
- libvirt-clients
- lvm2 - lvm2
- ntp - ntp
- openssh-server - openssh-server
- python2.7 - python3
- python-lxml - python3-lxml
- python-jmespath - python3-jmespath
- qemu-kvm - qemu-kvm
- qemu-utils - qemu-utils
- software-properties-common - software-properties-common
@ -57,6 +54,6 @@ mnaio_dhcp_distro_packages:
mnaio_pkg_cache_server_distro_packages: mnaio_pkg_cache_server_distro_packages:
- apt-cacher-ng - apt-cacher-ng
mnaio_host_iptables_service: "{{ (ansible_lsb.codename == 'trusty') | ternary('iptables-persistent', 'netfilter-persistent') }}" mnaio_host_iptables_service: netfilter-persistent
ssh_service_name: ssh ssh_service_name: ssh

View File

@ -22,13 +22,6 @@ default_dhcp_interface: "{{ default_interface }}"
# To speed up the deployment apt-cacher NG is used on the pxe/dhcp server. # To speed up the deployment apt-cacher NG is used on the pxe/dhcp server.
default_acng_bind_address: 0.0.0.0 default_acng_bind_address: 0.0.0.0
# This is a mapping of OS familiies. While Ansible has a suitable interface
# for this it can vary in unpredictable ways. This setting it used to determine
# the type of preseed needed to deploy an given OS type.
default_os_families:
ubuntu-16.04-amd64: debian
ubuntu-18.04-amd64: debian
# Default setting for Apt-Cacher-NG. # Default setting for Apt-Cacher-NG.
default_mirror_proxy: 'http://{{ default_tftp_server }}:3142/' default_mirror_proxy: 'http://{{ default_tftp_server }}:3142/'
default_mirror_hostname: archive.ubuntu.com default_mirror_hostname: archive.ubuntu.com
@ -41,21 +34,8 @@ default_tftp_port: 69
default_tftp_boot_path: /pxelinux.0 # Path of where to boot from first default_tftp_boot_path: /pxelinux.0 # Path of where to boot from first
# Default ISO images # Default ISO images
default_image_name: "ubuntu-18.04-amd64" default_image_name: "ubuntu-20.04-amd64"
default_images: default_images:
ubuntu-16.04-amd64:
image_type: debian
image_iso_url: "http://releases.ubuntu.com/16.04.2/ubuntu-16.04.2-server-amd64.iso"
image_name: "ubuntu-16.04.2-server-amd64.iso"
image_short_name: "ubuntu-16.04.2-server-amd64"
image_default_boot: "ubuntu-16.04.2-server-amd64/amd64/boot-screens/menu.cfg"
image_kernel_options: "biosdevname=0 net.ifnames=0 auto=true priority=critical quiet splash"
image_kernel: "ubuntu-16.04.2-server-amd64/amd64/linux"
image_initrd: "ubuntu-16.04.2-server-amd64/amd64/initrd.gz"
image_netboot: "ubuntu-16.04.2-server-amd64/install/netboot/ubuntu-installer"
image_preseed: basic
image_preseed_option:
url: "tftp://{{ default_tftp_server }}/preseed/basic.preseed"
ubuntu-18.04-amd64: ubuntu-18.04-amd64:
image_type: debian image_type: debian
image_iso_url: "http://cdimage.ubuntu.com/ubuntu-server/daily/current/bionic-server-amd64.iso" image_iso_url: "http://cdimage.ubuntu.com/ubuntu-server/daily/current/bionic-server-amd64.iso"
@ -69,6 +49,19 @@ default_images:
image_preseed: basic image_preseed: basic
image_preseed_option: image_preseed_option:
url: "tftp://{{ default_tftp_server }}/preseed/basic.preseed" url: "tftp://{{ default_tftp_server }}/preseed/basic.preseed"
ubuntu-20.04-amd64:
image_type: debian
image_iso_url: "https://cdimage.ubuntu.com/ubuntu-server/focal/daily/current/focal-legacy-server-amd64.iso"
image_name: "focal-legacy-server-amd64.iso"
image_short_name: "focal-legacy-server-amd64"
image_default_boot: "focal-legacy-server-amd64/amd64/boot-screens/menu.cfg"
image_kernel_options: "biosdevname=0 net.ifnames=0 auto=true priority=critical quiet splash"
image_kernel: "focal-legacy-server-amd64/amd64/linux"
image_initrd: "focal-legacy-server-amd64/amd64/initrd.gz"
image_netboot: "focal-legacy-server-amd64/install/netboot/ubuntu-installer"
image_preseed: basic
image_preseed_option:
url: "tftp://{{ default_tftp_server }}/preseed/basic.preseed"
# PXELinux downloads. While pxelinux is available as a component of most distros # PXELinux downloads. While pxelinux is available as a component of most distros
# the version may vary. This stabalizes on a known set. # the version may vary. This stabalizes on a known set.
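
Review bot: `image_iso_url` for the new `ubuntu-20.04-amd64` entry points at `.../focal/daily/current/focal-legacy-server-amd64.iso`, a daily build whose content changes under a fixed URL, and nothing in the entry records a digest. The installer that PXE-boots every VM is therefore neither reproducible nor verified. Prefer a released ISO at a versioned URL and check its published SHA256 after download.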

View File

@ -22,7 +22,7 @@ ansible-playbook -vv \
-e setup_host=${SETUP_HOST:-"true"} \ -e setup_host=${SETUP_HOST:-"true"} \
-e setup_pxeboot=${SETUP_PXEBOOT:-"true"} \ -e setup_pxeboot=${SETUP_PXEBOOT:-"true"} \
-e setup_dhcpd=${SETUP_DHCPD:-"true"} \ -e setup_dhcpd=${SETUP_DHCPD:-"true"} \
-e default_image=${DEFAULT_IMAGE:-"ubuntu-18.04-amd64"} \ -e default_image=${DEFAULT_IMAGE:-"ubuntu-20.04-amd64"} \
-e default_http_proxy=${DEFAULT_HTTP_PROXY:-''} \ -e default_http_proxy=${DEFAULT_HTTP_PROXY:-''} \
--force-handlers \ --force-handlers \
playbooks/site.yml playbooks/site.yml
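Review bot: the changed `-e default_image=${DEFAULT_IMAGE:-"ubuntu-20.04-amd64"}` line leaves the expansion unquoted, like its neighbours, so a `DEFAULT_IMAGE` value containing whitespace would be split into separate arguments to ansible-playbook; quoting the whole `-e` argument avoids that. The new default also has to match the `ubuntu-20.04-amd64` key under `default_images` exactly, and anyone who already exports `DEFAULT_IMAGE` keeps their old value, which is worth a line in the README.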

View File

@ -26,8 +26,8 @@ for flavor in micro tiny mini small medium large xlarge heavy; do
VCPU="${VCPU:-1}" VCPU="${VCPU:-1}"
SWAP="${SWAP:-0}" SWAP="${SWAP:-0}"
EPHEMERAL="${EPHEMERAL:-0}" EPHEMERAL="${EPHEMERAL:-0}"
nova flavor-delete "$ID" > /dev/null || echo "No Flavor with ID: [ $ID ] found to clean up" openstack flavor delete "$ID" > /dev/null || echo "No Flavor with ID: [ $ID ] found to clean up"
nova flavor-create "$NAME" "$ID" "$RAM" "$DISK" "$VCPU" --swap "$SWAP" --is-public true --ephemeral "$EPHEMERAL" --rxtx-factor 1 openstack flavor create "$NAME" --id "$ID" --ram "$RAM" --disk "$DISK" --vcpu "$VCPU" --swap "$SWAP" --public --ephemeral "$EPHEMERAL" --rxtx-factor 1
let ID=ID+1 let ID=ID+1
let RAM=RAM*2 let RAM=RAM*2
if [ "$ID" -gt 5 ];then if [ "$ID" -gt 5 ];then
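Review bot: `--vcpu "$VCPU"` in the new `openstack flavor create` line is not the option's documented name, which is `--vcpus`; the short form only works as long as the client's argument parser accepts unambiguous abbreviations, so spell it out. On the `openstack flavor delete` line, `> /dev/null` discards stdout only, so a missing flavor still prints the client's error on stderr ahead of the "No Flavor with ID" message; redirect stderr as well if a quiet cleanup is the intent.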

View File

@ -29,10 +29,10 @@ function image_upload {
echo "file found ${IMAGE_FILE}" echo "file found ${IMAGE_FILE}"
fi fi
if [[ "$?" == 0 ]]; then if [[ "$?" == 0 ]]; then
glance image-create --name "${IMAGE_NAME}" \ openstack image create "${IMAGE_NAME}" \
--container-format bare \ --container-format bare \
--disk-format qcow2 \ --disk-format qcow2 \
--visibility public \ --public \
--progress \ --progress \
--file "${IMAGE_FILE}" && rm "${IMAGE_FILE}" --file "${IMAGE_FILE}" && rm "${IMAGE_FILE}"
fi fi
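Review bot: `--public` on the new `openstack image create` call publishes every uploaded image to all projects, and in the lines shown nothing checks the file's integrity between "file found" and the upload. Verify a checksum for `${IMAGE_FILE}` before uploading, and skip the upload (and keep the file for inspection) when it does not match. Separately, `if [[ "$?" == 0 ]]` placed directly after `fi` tests the exit status of whichever branch of the preceding `if` block ran, so on the "file found" path it only reflects the `echo`; testing the download command itself would make the guard meaningful.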
@ -42,10 +42,9 @@ function image_upload {
# Create some default images # Create some default images
# USAGE: image_upload $URL $NAME # USAGE: image_upload $URL $NAME
image_upload http://uec-images.ubuntu.com/releases/14.04/release/ubuntu-14.04-server-cloudimg-amd64-disk1.img ubuntu-14.04-amd64 image_upload https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img ubuntu-18.04-amd64
image_upload http://uec-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-amd64-disk1.img ubuntu-16.04-amd64 image_upload https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img ubuntu-20.04-amd64
image_upload http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2 centos-7-amd64 image_upload https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img ubuntu-22.04-amd64
image_upload http://cdimage.debian.org/cdimage/openstack/current/debian-9.2.0-openstack-amd64.qcow2 debian-9.2.0-amd64 image_upload https://cloud.centos.org/centos/9-stream/x86_64/images/CentOS-Stream-GenericCloud-9-20220216.0.x86_64.qcow2 centos-9-stream-20220216-x86_64
image_upload http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img cirros-0.3.4-amd64 image_upload https://cloud.debian.org/images/cloud/OpenStack/current-10/debian-10-openstack-amd64.qcow2 debian-10-openstack-amd64
image_upload http://dfw.mirror.rackspace.com/fedora/releases/26/CloudImages/x86_64/images/Fedora-Cloud-Base-26-1.5.x86_64.qcow2 fedora-26-amd64 image_upload https://download.cirros-cloud.net/0.5.2/cirros-0.5.2-x86_64-disk.img cirros-0.5.2-x86_64
image_upload http://download.opensuse.org/repositories/Cloud:/Images:/Leap_42.3/images/openSUSE-Leap-42.3-OpenStack.x86_64.qcow2 opensuse-leap-42.3-amd64
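Review bot: the Ubuntu and Debian entries now fetch from `.../current/` and `.../current-10/` paths, which are replaced in place upstream, while the CentOS and CirrOS entries are pinned to a dated build and a version; the result is that an image named `ubuntu-20.04-amd64` can hold different content on each run with no way to tell which build was uploaded. The move to https protects the transfer but not the identity of the file. Pin these to dated release directories as well, and consider extending the `# USAGE: image_upload $URL $NAME` contract with an expected SHA256 that `image_upload` checks before the upload.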

View File

@ -18,60 +18,57 @@ source openrc
# Create a basic flat network # Create a basic flat network
neutron net-create GATEWAY_NET \ openstack network create GATEWAY_NET \
--shared \ --share \
--router:external=True \ --external \
--provider:physical_network=flat \ --provider-physical-network flat \
--provider:network_type=flat --provider-network-type flat
neutron subnet-create GATEWAY_NET 172.16.24.0/22 \ openstack subnet create GATEWAY_SUBNET \
--name GATEWAY_NET_SUBNET \ --subnet-range 172.16.24.0/22 \
--network GATEWAY_NET \
--gateway 172.16.24.2 \ --gateway 172.16.24.2 \
--allocation-pool start=172.16.25.201,end=172.16.25.255 \ --allocation-pool start=172.16.25.201,end=172.16.25.255 \
--dns-nameservers list=true 172.16.24.2 --dns-nameserver 172.16.24.2
# Create a basic VXLAN network # Create a basic VXLAN network
neutron net-create PRIVATE_NET \ openstack network create PRIVATE_NET \
--shared \ --share \
--router:external=True \ --provider-network-type vxlan \
--provider:network_type=vxlan \ --provider-segment 101
--provider:segmentation_id 101
neutron subnet-create PRIVATE_NET 192.168.0.0/24 \ openstack subnet create PRIVATE_SUBNET \
--name PRIVATE_NET_SUBNET --subnet-range 192.168.0.0/24 \
--network PRIVATE_NET
# Create a neutron router and wire it up to the GATEWAY_NET and PRIVATE_NET_SUBNET # Create a neutron router and wire it up to the GATEWAY_NET and PRIVATE_NET_SUBNET
ROUTER_ID="$(neutron router-create GATEWAY_NET_ROUTER | grep -w id | awk '{print $4}')" ROUTER_ID="$(openstack router create GATEWAY_NET_ROUTER -c id | grep -w id | awk '{print $4}')"
neutron router-gateway-set \ openstack router set "${ROUTER_ID}" \
"${ROUTER_ID}" \ --external-gateway "$(openstack network list | awk '/GATEWAY_NET/ {print $2}')"
"$(neutron net-list | awk '/GATEWAY_NET/ {print $2}')"
neutron router-interface-add \ openstack router add subnet \
"${ROUTER_ID}" \ "${ROUTER_ID}" \
"$(neutron subnet-list | awk '/PRIVATE_NET_SUBNET/ {print $2}')" "$(openstack subnet list | awk '/PRIVATE_SUBNET/ {print $2}')"
# Neutron security group setup # Neutron security group setup
for id in "$(neutron security-group-list -f yaml | awk '/- id\:/ {print $3}')"; do SECGRP_ID="$(openstack security group create MNAIO_SECGRP -c id | grep -w id | awk '{print $4}')"
# Allow ICMP # Allow ICMP
neutron security-group-rule-create --protocol icmp \ openstack security group rule create --protocol icmp \
--direction ingress \ --ingress \
"$id" || true "$SECGRP_ID"
# Allow all TCP # Allow all TCP
neutron security-group-rule-create --protocol tcp \ openstack security group rule create --protocol tcp \
--port-range-min 1 \ --ingress \
--port-range-max 65535 \ "$SECGRP_ID"
--direction ingress \
"$id" || true
# Allow all UDP # Allow all UDP
neutron security-group-rule-create --protocol udp \ openstack security group rule create --protocol udp \
--port-range-min 1 \ --ingress \
--port-range-max 65535 -\ "$SECGRP_ID"
-direction ingress \
"$id" || true
done
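Review bot: the new `MNAIO_SECGRP` rules pass only `--protocol` and `--ingress`, with no `--dst-port` or `--remote-ip`, so the group admits all TCP and all UDP from any source; if that is intended for a lab environment, say so in a comment next to the rules so the group is not reused elsewhere. With the old loop and the `|| true` guards gone, a second run will also create another group named `MNAIO_SECGRP` and fail on resources that already exist, so either look the group up first or document that the script is single-use. The IDs are still scraped from table output with `grep -w id | awk '{print $4}'` and `awk '/GATEWAY_NET/ {print $2}'`, where the pattern can match more than one row; `-f value -c id` on the create and show commands returns the ID directly. The comment above the router block still refers to `PRIVATE_NET_SUBNET`, but the subnet is now named `PRIVATE_SUBNET`.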