Add CentOS support for AIO setup

This patch adds support for deploying on CentOS.

Change-Id: I1763351a95bb3c30bcb1095fad0fedff72c1a751
Marc Gariepy 2016-12-06 15:08:48 -05:00 committed by Jesse Pretorius (odyssey4me)
parent f67dfa4c1e
commit e44a7f1ac4
19 changed files with 382 additions and 110 deletions

View File

@ -24,12 +24,13 @@ Install one of the following supported operating systems on the deployment
hosts:
* `Ubuntu server 16.04 (Xenial Xerus) LTS 64-bit <http://releases.ubuntu.com/16.04/>`_
* `Centos 7 64-bit <https://www.centos.org/download/>`_
Configure at least one network interface to access the Internet or suitable
local repositories.
Configure the operating system
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Configure the operating system (Ubuntu)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Install additional software packages and configure Network Time Protocol (NTP).
Before you begin, we recommend upgrading your system packages and kernel.
@ -40,6 +41,7 @@ Before you begin, we recommend upgrading your system packages and kernel.
# apt-get update
#. Upgrade the system packages and kernel:
.. code-block:: shell-session
@ -58,6 +60,30 @@ Before you begin, we recommend upgrading your system packages and kernel.
#. Configure NTP to synchronize with a suitable time source.
Configure the operating system (CentOS)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Install additional software packages and configure Network Time Protocol (NTP).
Before you begin, we recommend upgrading your system packages and kernel.
#. Upgrade the system packages and kernel
.. code-block:: shell-session
# yum upgrade
#. Reboot the host.
#. Install additional software packages if they were not installed
during the operating system installation:
.. code-block:: shell-session
# yum install git centos-release-openstack-newton ntp ntpdate \
openssh-server python-devel sudo '@Development Tools'
#. Configure NTP to synchronize with a suitable time source.
Configure the network
~~~~~~~~~~~~~~~~~~~~~

View File

@ -11,10 +11,18 @@ Software requirements
Ensure that all hosts within an OpenStack-Ansible (OSA) environment meet the
following minimum requirements:
* Ubuntu
* Ubuntu 16.04 LTS (Xenial Xerus)
* Linux kernel version ``3.13.0-34-generic`` or later is required.
* CentOS (support is experimental)
* Centos 7, fully updated.
* Linux kernel verison ``3.10.0`` or later.
* Secure Shell (SSH) client and server that support public key
authentication
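
Review bot: In the new CentOS bullet, "verison" is a typo for "version", and "Centos 7" should be spelled "CentOS 7" to match its parent bullet. The CentOS kernel line also drops the "is required" wording that the Ubuntu kernel line uses; make the two bullets parallel.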

View File

@ -13,6 +13,7 @@ Install one of the following supported operating systems on the
target host:
* Ubuntu server 16.04 (Xenial Xerus) LTS 64-bit
* Centos 7 64-bit
Configure at least one network interface to access the Internet or
suitable local repositories.
@ -25,8 +26,8 @@ installation on target hosts that do not have local (console) access.
We also recommend setting your locale to `en_US.UTF-8`. Other locales might
work, but they are not tested or supported.
Configure the operating system
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Configure the operating system (Ubuntu)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#. Update package source lists
@ -72,6 +73,48 @@ Configure the operating system
#. Reboot the host to activate the changes and use the new kernel.
Configure the operating system (CentOS)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#. Upgrade the system packages and kernel:
.. code-block:: shell-session
# yum upgrade
#. Reboot the host.
#. Ensure that the kernel version is ``3.10`` or later:
.. code-block:: shell-session
# uname -r
#. Install additional software packages:
.. code-block:: shell-session
# yum install epel-release
# yum install bridge-utils debootstrap iputils lsof lvm2 \
ntp ntpdate openssh-server sudo tcpdump vconfig
#. Add the appropriate kernel modules to the ``/etc/modules`` file to
enable VLAN and bond interfaces:
.. code-block:: shell-session
# echo 'bonding' >> /etc/modules-load.d/openstack-ansible.conf
# echo '8021q' >> /etc/modules-load.d/openstack-ansible.conf
#. Configure Network Time Protocol (NTP) in ``/etc/ntp.conf`` to
synchronize with a suitable time source and restart the service:
.. code-block:: shell-session
# service ntpd restart
#. Reboot the host to activate the changes and use the new kernel.
Deploying Secure Shell (SSH) keys
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
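
Review bot: The kernel-module step says to add the modules to the ``/etc/modules`` file, but the two echo commands under it write to /etc/modules-load.d/openstack-ansible.conf. Change the step text to name the file the commands actually touch. The kernel check here says ``3.10`` while the requirements page in this change says ``3.10.0``; use one form in both places.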

View File

@ -53,9 +53,17 @@ system packages are upgraded and then reboot into the new kernel:
.. code-block:: shell-session
## Ubuntu
# apt-get dist-upgrade
# reboot
.. code-block:: shell-session
## CentOS
# yum upgrade
# yum install centos-release-openstack-newton git
# reboot
.. note::
If you are installing with limited connectivity, please review
@ -91,7 +99,7 @@ version.
.. note::
The |current_release_formal_name| release is only compatible with Ubuntu
16.04 (Xenial Xerus).
16.04 (Xenial Xerus) and Centos 7.
By default the scripts deploy all OpenStack services with sensible defaults
for the purpose of a gate check, development or testing system.
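
Review bot: The note now reads "only compatible with Ubuntu 16.04 (Xenial Xerus) and Centos 7", which puts CentOS on equal footing with Ubuntu, while the requirements page and the release note in this same change both call CentOS support experimental. Qualify the CentOS mention here as experimental, and spell it "CentOS".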

View File

@ -0,0 +1,4 @@
---
features:
- There is now experimental support to deploy OpenStack-Ansible on CentOS 7 for both development
and test environments.

View File

@ -62,6 +62,7 @@
- name: neutron.yml.aio
- name: nova.yml.aio
- name: swift.yml.aio
sftp_subsystem: "{{ (ansible_pkg_mgr == 'apt') | ternary('sftp /usr/lib/openssh/sftp-server','sftp /usr/libexec/openssh/sftp-server') }}"
sshd:
ListenAddress:
- 0.0.0.0
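
Review bot: sftp_subsystem is chosen with an inline ternary on ansible_pkg_mgr == 'apt', so every package manager that is not apt silently gets /usr/libexec/openssh/sftp-server. The other distro differences in this patch (rc_local, swap_create_command) live in the per-distro vars files; either handle this value the same way or test for 'yum' explicitly so an unsupported platform fails visibly instead of getting a wrong Subsystem path in sshd_config.
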
@ -93,7 +94,7 @@
PrintLastLog: no
TCPKeepAlive: yes
AcceptEnv: "LANG LC_*"
Subsystem: "sftp /usr/lib/openssh/sftp-server"
Subsystem: "{{ sftp_subsystem }}"
UsePAM: yes
UseDNS: no
X11Forwarding: no
@ -101,3 +102,6 @@
CompressionLevel: 6
MaxSessions: 100
MaxStartups: "100:100:100"
GSSAPIAuthentication: no
GSSAPICleanupCredentials: no
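
Review bot: GSSAPIAuthentication: no and GSSAPICleanupCredentials: no are added to the sshd settings unconditionally, so they change the SSH daemon configuration on Ubuntu hosts as well, and neither the commit message nor a comment says why. Add a comment explaining what problem these two settings solve on CentOS, and mention the sshd change in the commit message since it is an authentication-related setting.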

View File

@ -121,6 +121,22 @@ bootstrap_host_encapsulation_interfaces:
friendly_name: "Encapsulation of br-vlan with VXLAN"
#
# Bridges
bridges:
- name: "br-mgmt"
ip_addr: "172.29.236.100"
netmask: "255.255.252.0"
- name: "br-vxlan"
ip_addr: "172.29.240.100"
netmask: "255.255.252.0"
- name: "br-storage"
ip_addr: "172.29.244.100"
netmask: "255.255.252.0"
- name: "br-vlan"
ip_addr: "172.29.248.100"
alias: "172.29.248.1"
veth_peer: "eth12"
netmask: "255.255.252.0"
bootstrap_host_bridges_interfaces:
br-mgmt:
ports: "{{ bootstrap_host_encapsulation_enabled | bool | ternary ('encap-mgmt', bootstrap_host_bridge_mgmt_ports) }}"
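
Review bot: The new bridges variable lacks the bootstrap_host_ prefix that the variables on either side of it use (bootstrap_host_encapsulation_interfaces, bootstrap_host_bridges_interfaces), which makes it easy to collide with a same-named variable elsewhere. Rename it to something like bootstrap_host_bridges and replace the bare "# Bridges" comment with a short description of the keys (ip_addr, netmask, alias, veth_peer), since only br-vlan sets the last two.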

View File

@ -1,77 +0,0 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Ensure that apt supports HTTPS package sources
apt:
name: apt-transport-https
state: present
tags:
- apt-install-prerequisites
- name: Determine the existing Ubuntu repo configuration
command: 'grep -oP "^deb \K(\[?.*\]?.*ubuntu\S*\/?)(?= {{ ansible_distribution_release }} main)" /etc/apt/sources.list'
register: ubuntu_repo
when:
- bootstrap_host_ubuntu_repo is not defined
changed_when: false
tags:
- find-apt-repo
- name: Determine the existing Ubuntu Security repo configuration
command: 'grep -oP "^deb \K(\[?.*\]?.*ubuntu\S*\/?)(?= {{ ansible_distribution_release }}-security main)" /etc/apt/sources.list'
register: ubuntu_security_repo
when:
- bootstrap_host_ubuntu_security_repo is not defined
changed_when: false
tags:
- find-apt-security-repo
- name: Set apt repo facts based on discovered information
set_fact:
bootstrap_host_ubuntu_repo: "{{ ubuntu_repo.stdout_lines[0] }}"
bootstrap_host_ubuntu_security_repo: "{{ ubuntu_security_repo.stdout_lines[0] }}"
when:
- bootstrap_host_ubuntu_repo is not defined
- bootstrap_host_ubuntu_security_repo is not defined
- ubuntu_repo is defined
- ubuntu_security_repo is defined
- name: Configure apt's sources.list (Ubuntu only)
template:
src: apt-sources.list.j2
dest: /etc/apt/sources.list
backup: yes
when:
- ansible_distribution == 'Ubuntu'
- bootstrap_host_ubuntu_repo is defined
- bootstrap_host_ubuntu_security_repo is defined
register: apt_sources_configure
- name: Update apt-cache
apt:
update_cache: yes
when:
- apt_sources_configure is defined
- apt_sources_configure | changed
tags:
- apt-cache-update
- name: Remove known problem packages
apt:
name: "{{ item }}"
state: absent
with_items: "{{ packages_remove }}"
tags:
- remove-packages

View File

@ -0,0 +1,114 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Ubuntu
- block:
- name: Ensure that apt supports HTTPS package sources
apt:
name: apt-transport-https
state: present
tags:
- apt-install-prerequisites
- name: Determine the existing Ubuntu repo configuration
command: 'grep -oP "^deb \K(\[?.*\]?.*ubuntu\S*\/?)(?= {{ ansible_distribution_release }} main)" /etc/apt/sources.list'
register: ubuntu_repo
when:
- bootstrap_host_ubuntu_repo is not defined
changed_when: false
tags:
- find-apt-repo
- name: Determine the existing Ubuntu Security repo configuration
command: 'grep -oP "^deb \K(\[?.*\]?.*ubuntu\S*\/?)(?= {{ ansible_distribution_release }}-security main)" /etc/apt/sources.list'
register: ubuntu_security_repo
when:
- bootstrap_host_ubuntu_security_repo is not defined
changed_when: false
tags:
- find-apt-security-repo
- name: Set apt repo facts based on discovered information
set_fact:
bootstrap_host_ubuntu_repo: "{{ ubuntu_repo.stdout_lines[0] }}"
bootstrap_host_ubuntu_security_repo: "{{ ubuntu_security_repo.stdout_lines[0] }}"
when:
- bootstrap_host_ubuntu_repo is not defined
- bootstrap_host_ubuntu_security_repo is not defined
- ubuntu_repo is defined
- ubuntu_security_repo is defined
- name: Configure apt's sources.list (Ubuntu only)
template:
src: apt-sources.list.j2
dest: /etc/apt/sources.list
backup: yes
when:
- ansible_distribution == 'Ubuntu'
- bootstrap_host_ubuntu_repo is defined
- bootstrap_host_ubuntu_security_repo is defined
register: apt_sources_configure
- name: Update apt-cache
apt:
update_cache: yes
when:
- apt_sources_configure is defined
- apt_sources_configure | changed
tags:
- apt-cache-update
when:
- ansible_pkg_mgr == 'apt'
# CentOS
- block:
- name: Install RDO package
package:
name: "{{ rdo_package }}"
state: "present"
register: install_cloud_rdo_package
until: install_cloud_rdo_package | success
retries: 5
delay: 2
- name: Install epel package
package:
name: "{{ epel_package }}"
state: "present"
register: install_epel_package
until: install_epel_package | success
retries: 5
delay: 2
when:
- ansible_pkg_mgr == 'yum'
- name: Remove known problem packages
package:
name: "{{ item }}"
state: absent
with_items: "{{ packages_remove }}"
tags:
- remove-packages
- name: Install packages
package:
name: "{{ item }}"
state: present
with_items: "{{ packages_install }}"
tags:
- install-packages
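
Review bot: The "Install RDO package" and "Install epel package" tasks retry with until/retries/delay, but the final "Install packages" task, which downloads far more from the repositories those two tasks just enabled, has no retry at all. Add the same register/until/retries/delay to "Install packages". The two CentOS tasks are also identical apart from the variable name and could be one task looping over rdo_package and epel_package.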

View File

@ -40,18 +40,7 @@
tags:
- create-directories
# Configure apt in a known way to reduce the chance of unexpected failures
- include: install-apt.yml
when:
- ansible_pkg_mgr == 'apt'
tags:
- install-apt
- name: Install packages
package:
name: "{{ item }}"
state: present
with_items: "{{ packages_install }}"
- include: install_packages.yml
tags:
- install-packages
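
Review bot: The include of install_packages.yml carries only the install-packages tag and the former install-apt tag is gone, so a run limited to --tags install-apt no longer configures apt. Tags on an include are applied to every task it pulls in, so --tags install-packages now also runs the sources.list template and the package removal task, not just the install. Keep install-apt on the include, or move the tags onto the individual tasks inside the file.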

View File

@ -36,7 +36,7 @@
- name: Ensure that rc.local exists
file:
path: /etc/rc.local
path: "{{ rc_local }}"
state: touch
mode: "u+x"
tags:
@ -48,9 +48,9 @@
# after the boot process completes.
- name: Create loopback devices at boot time
lineinfile:
dest: /etc/rc.local
dest: "{{ rc_local }}"
line: "losetup $(losetup -f) /openstack/cinder.img"
insertbefore: "^exit 0$"
insertbefore: "{{ rc_local_insert_before }}"
tags:
- cinder-rc-config

View File

@ -19,7 +19,7 @@
rescue:
- name: Create swap file
command: "fallocate -l {{ bootstrap_host_swap_size }}G /openstack/swap.img"
command: "{{ swap_create_command }}"
args:
creates: /openstack/swap.img
register: swap_create

View File

@ -13,41 +13,91 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Ensure that /etc/network/interfaces.d/ exists
- name: Ensure that /etc/network/interfaces.d/ exists (Debian)
file:
path: /etc/network/interfaces.d/
state: directory
tags:
- networking-dir-create
when:
- ansible_pkg_mgr == 'apt'
- name: Copy AIO network configuration
- name: Copy AIO network configuration (Debian)
template:
src: osa_interfaces.cfg.j2
dest: /etc/network/interfaces.d/osa_interfaces.cfg
register: osa_interfaces
when: bootstrap_host_aio_config | bool
when:
- bootstrap_host_aio_config | bool
- ansible_pkg_mgr == 'apt'
tags:
- networking-interfaces-file
- name: Copy multinode network configuration
- name: Copy network configuration (RedHat)
template:
src: "redhat_interface_{{ item.type | default('default') }}.cfg.j2"
dest: "/etc/sysconfig/network-scripts/ifcfg-{{ item.name | default('br-mgmt') }}"
with_items: "{{ bridges }}"
register: network_interfaces_rhel
when:
- ansible_pkg_mgr == 'yum'
- name: Create alias file when required (RedHat)
template:
src: "redhat_interface_alias.cfg.j2"
dest: "/etc/sysconfig/network-scripts/ifcfg-{{ item.name | default('br-mgmt')}}:0"
with_items: "{{ bridges }}"
when:
- ansible_pkg_mgr == 'yum'
- item.alias is defined
- name: Put down post-up script for veth-peer interfaces (RedHat)
template:
src: "redhat_interface_{{ item[0] | default('default') }}.cfg.j2"
dest: "/etc/sysconfig/network-scripts/{{ item[0] }}-veth-{{ item[1].name | default('br-mgmt') }}-2-{{ item[1].veth_peer | default('eth1') }}"
mode: "0755"
with_nested:
- [ "ifup-post", "ifdown-post" ]
- "{{ bridges }}"
when:
- item[1].veth_peer is defined
- ansible_pkg_mgr == 'yum'
- name: Ensure the postup/postdown scripts are loaded (RedHat)
lineinfile:
dest: "/etc/sysconfig/network-scripts/{{ item[0] }}"
line: ". /etc/sysconfig/network-scripts/{{ item[0] }}-veth-{{ item[1].name | default('br-mgmt') }}-2-{{ item[1].veth_peer | default('eth1') }}"
insertbefore: "^exit 0"
with_nested:
- [ "ifup-post", "ifdown-post" ]
- "{{ bridges }}"
when:
- item[1].veth_peer is defined
- ansible_pkg_mgr == 'yum'
- name: Copy multinode network configuration (Debian)
template:
src: osa_interfaces_multinode.cfg.j2
dest: /etc/network/interfaces.d/osa_interfaces.cfg
register: osa_multinode_interfaces
when: not bootstrap_host_aio_config | bool
when:
- not bootstrap_host_aio_config | bool
- ansible_pkg_mgr == 'apt'
tags:
- networking-interfaces-file
- name: Ensure our interfaces.d configuration files are loaded automatically
- name: Ensure our interfaces.d configuration files are loaded automatically (Debian)
lineinfile:
dest: /etc/network/interfaces
line: "source /etc/network/interfaces.d/*.cfg"
when:
- ansible_pkg_mgr == 'apt'
tags:
- networking-interfaces-load
- name: Shut down the network interfaces
command: "ifdown {{ item }}"
when: osa_interfaces | changed or osa_multinode_interfaces | changed
when: osa_interfaces | changed or osa_multinode_interfaces | changed or network_interfaces_rhel | changed
with_items:
- br-mgmt
- br-storage
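
Review bot: The four new RedHat tasks are conditioned only on ansible_pkg_mgr == 'yum', whereas the Debian AIO task is also conditioned on bootstrap_host_aio_config | bool and the multinode task on its negation, so on CentOS the AIO bridge configuration is written even when bootstrap_host_aio_config is false. Add the bootstrap_host_aio_config condition (or a multinode equivalent) to the RedHat tasks, and give them tags like their Debian counterparts. "Copy network configuration (RedHat)" also selects its template from item.type, but no entry in bridges sets type, so it always falls back to 'default'; either document type or drop the lookup.
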
@ -76,7 +126,7 @@
- name: Start the network interfaces
command: "ifup {{ item }}"
when: osa_interfaces | changed
when: osa_interfaces | changed or network_interfaces_rhel | changed
with_items:
- br-mgmt
- br-storage

View File

@ -0,0 +1,5 @@
# This interface is an alias
DEVICE={{ item.name | default('br-mgmt') }}:0
IPADDR={{ item.alias | default('10.1.0.1') }}
NETMASK={{ item.netmask | default('255.255.255.0') }}
ONBOOT=yes

View File

@ -0,0 +1,11 @@
{% if item.veth_peer is defined %}
# This interface has a veth peer
{% endif %}
DEVICE={{ item.name | default('br-mgmt') }}
TYPE=Bridge
IPADDR={{ item.ip_addr | default('10.1.0.1') }}
NETMASK={{ item.netmask | default('255.255.255.0') }}
ONBOOT=yes
BOOTPROTO=none
NM_CONTROLLED=no
DELAY=0
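
Review bot: IPADDR falls back to default('10.1.0.1') and NETMASK to default('255.255.255.0'), so a bridges entry that forgets ip_addr is silently given the same address as any other entry with the same omission. An address should be mandatory here: drop the defaults so the template fails on an undefined ip_addr, or assert on the bridges entries before templating.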

View File

@ -0,0 +1,19 @@
#!/usr/bin/env bash
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
if [ "${DEVICE}" == "{{ item[1].name | default('br-mgmt') }}" ]; then
/usr/sbin/ip link set {{ item[1].name | default('br-mgmt') }}-veth nomaster || true
/usr/sbin/ip link del {{ item[1].name | default('br-mgmt') }}-veth || true
fi

View File

@ -0,0 +1,25 @@
#!/usr/bin/env bash
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
if [ "${DEVICE}" == "{{ item[1].name | default('br-mgmt') }}" ]; then
# Create veth pair, don't bomb if already exists
echo "Creating veth"
/usr/sbin/ip link add {{ item[1].name | default('br-mgmt') }}-veth type veth peer name {{ item[1].veth_peer | default('eth0') }} || true
# Set both ends UP
/usr/sbin/ip link set {{ item[1].name | default('br-mgmt') }}-veth up || true
/usr/sbin/ip link set {{ item[1].veth_peer | default('eth0') }} up || true
# add eth12 to the bridge
/usr/sbin/ip link set {{ item[1].name | default('br-mgmt') }}-veth master {{ item[1].name | default('br-mgmt') }} || true
fi
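
Review bot: The veth peer name defaults to 'eth0' in this script, but the task that installs it builds the file name with item[1].veth_peer | default('eth1'), so the two defaults disagree. Since the task only runs when veth_peer is defined, remove the defaults rather than keep two different ones. The comment "# add eth12 to the bridge" hard-codes one peer name in a generic template, and every ip command ends in || true, which hides real failures as well as the "already exists" case the first comment mentions.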

View File

@ -13,5 +13,28 @@
# See the License for the specific language governing permissions and
# limitations under the License.
rdo_package: "centos-release-openstack-newton"
epel_package: "epel-release"
packages_install:
- '@Development Tools'
- bridge-utils
- curl
- ethtool
- git
- iputils
- lvm2
- python
- python-devel
- python-ipython
- tmux
- vconfig
- vim
- xfsprogs
packages_remove: []
swap_create_command: "dd if=/dev/zero of=/openstack/swap.img bs={{ bootstrap_host_swap_size }}G count=1"
rc_local: /etc/rc.d/rc.local
rc_local_insert_before: "^touch /var/lock/subsys/local$"
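
Review bot: swap_create_command uses dd with bs={{ bootstrap_host_swap_size }}G count=1, which asks dd to allocate one buffer as large as the whole swap file on a host that is creating swap because memory is short, and a single read of several GiB can return short and leave swap.img smaller than requested. Use a small block size with a computed count, for example bs=1M count={{ bootstrap_host_swap_size * 1024 }}, and note in a comment why fallocate is not used on CentOS.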

View File

@ -33,3 +33,7 @@ packages_install:
packages_remove:
- libmysqlclient18
- mysql-common
swap_create_command: "fallocate -l {{ bootstrap_host_swap_size }}G /openstack/swap.img"
rc_local: /etc/rc.local
rc_local_insert_before: "^exit 0$"