Merge role baremetal-undercloud

changes/52/396652/8
Attila Darazs 6 years ago
commit ee03ae932a

@ -0,0 +1,102 @@
---
# Provision and initial undercloud setup
- name: Baremetal undercloud install
hosts: localhost
roles:
- tripleo-baremetal-undercloud
tags:
- undercloud-bm-install
# Machine at this point is provided
- name: Add the undercloud node to the generated inventory
hosts: localhost
gather_facts: yes
tags:
- undercloud-scripts
roles:
- tripleo-inventory
# Deploy the undercloud
- name: Install undercloud
hosts: undercloud
gather_facts: no
tags:
- undercloud-install
roles:
- tripleo/undercloud
# Baremetal preparation (with workarounds)
- name: Prepare baremetal for the overcloud deployment
hosts: undercloud
roles:
- overcloud-prep-baremetal
tags:
- overcloud-prep-baremetal
# Prepare any additional configuration files required by the overcloud
- name: Prepare configuration files for the overcloud deployment
hosts: undercloud
gather_facts: no
roles:
- overcloud-prep-config
# Prepare the overcloud images for deployment
- name: Prepare the overcloud images for deployment
hosts: undercloud
gather_facts: no
roles:
- overcloud-prep-images
# Prepare the overcloud flavor configuration
- name: Prepare overcloud flavors
hosts: undercloud
gather_facts: no
roles:
- overcloud-prep-flavors
# Prepare the undercloud networks for the overcloud deployment
- name: Prepare the undercloud networks for the overcloud deployment
hosts: undercloud
gather_facts: no
roles:
- overcloud-prep-network
# Deploy the overcloud
- name: Deploy the overcloud
hosts: undercloud
gather_facts: yes
roles:
- tripleo-overcloud
- name: Add the overcloud nodes to the generated inventory
hosts: undercloud
gather_facts: yes
tags:
- overcloud-deploy
vars:
inventory: all
roles:
- tripleo-inventory
# Check the results of the deployment, note after inventory has executed
- name: Check the result of the deployment
hosts: localhost
tags:
- overcloud-deploy
tasks:
- name: ensure the deployment result has been read into memory
include_vars: "{{ local_working_dir }}/overcloud_deployment_result.json"
# overcloud_deploy_result = ["failed", "passed"]
- name: did the deployment pass or fail?
debug: var=overcloud_deploy_result
failed_when: overcloud_deploy_result == "failed"
# HA Validation
- name: Validate the overcloud using HA tests
hosts: undercloud
gather_facts: no
roles:
- tripleo-overcloud-validate-ha
tags:
- overcloud-validate-ha

@ -0,0 +1,101 @@
---
# Provision and initial undercloud setup
- name: Baremetal undercloud install
hosts: localhost
roles:
- tripleo-baremetal-undercloud
tags:
- undercloud-bm-install
# Machine at this point is provided
- name: Add the undercloud node to the generated inventory
hosts: localhost
gather_facts: yes
tags:
- undercloud-scripts
roles:
- tripleo-inventory
# Deploy the undercloud
- name: Install undercloud
hosts: undercloud
gather_facts: no
tags:
- undercloud-install
roles:
- tripleo/undercloud
# Baremetal preparation (with workarounds)
- name: Prepare baremetal for the overcloud deployment
hosts: undercloud
roles:
- overcloud-prep-baremetal
tags:
- overcloud-prep-baremetal
# Prepare any additional configuration files required by the overcloud
- name: Prepare configuration files for the overcloud deployment
hosts: undercloud
gather_facts: no
roles:
- overcloud-prep-config
# Prepare the overcloud images for deployment
- name: Prepare the overcloud images for deployment
hosts: undercloud
gather_facts: no
roles:
- overcloud-prep-images
# Prepare the overcloud flavor configuration
- name: Prepare overcloud flavors
hosts: undercloud
gather_facts: no
roles:
- overcloud-prep-flavors
# Prepare the undercloud networks for the overcloud deployment
- name: Prepare the undercloud networks for the overcloud deployment
hosts: undercloud
gather_facts: no
roles:
- overcloud-prep-network
# Deploy the overcloud
- name: Deploy the overcloud
hosts: undercloud
gather_facts: yes
roles:
- tripleo-overcloud
- name: Add the overcloud nodes to the generated inventory
hosts: undercloud
gather_facts: yes
tags:
- overcloud-deploy
vars:
inventory: all
roles:
- tripleo-inventory
# Check the results of the deployment, note after inventory has executed
- name: Check the result of the deployment
hosts: localhost
tags:
- overcloud-deploy
tasks:
- name: ensure the deployment result has been read into memory
include_vars: "{{ local_working_dir }}/overcloud_deployment_result.json"
# overcloud_deploy_result = ["failed", "passed"]
- name: did the deployment pass or fail?
debug: var=overcloud_deploy_result
failed_when: overcloud_deploy_result == "failed"
- name: Validate the overcloud
hosts: undercloud
gather_facts: no
roles:
- tripleo-overcloud-validate
tags:
- overcloud-validate

@ -0,0 +1,315 @@
ansible-role-tripleo-baremetal-undercloud
=========================================
This role aims to build a baremetal undercloud machine from scratch. Using tripleo-quickstart, this means that you will be able to provide, prepare and install the undercloud on a physical machine.
From the tripleo-quickstart perspective virthost and undercloud will be the same host.
Requirements
------------
For make all the things working you need to have an environment with all the things in place:
Hardware requirements
* A physical machine for the undercloud that can be accessed as root from the jump host
* At least two other physical machines that will become controller and compute, for HA three controllers and one compute are needed
* A working network link between overcloud and undercloud, typically the second net device of the undercloud will talk to the first net device of all the overcloud machines
Software requirements
* The tripleo-quickstart quickstart.sh script:
* A config file (i.e. ha.yml) containing all the customizations for the baremetal environment
* This set of files, dependent from the hardware:
* File undercloud-provisioning.sh - optional, name is not important
* File network-environment.yaml - mandatory
* Directory nic-configs - mandatory if declared inside the resource_registry section in network-environment.yaml and must contain all the needed files
* File instackenv.json - mandatory, must contain the ipmi credentials for the nodes
Quickstart invocation
---------------------
You can invoke *quickstart.sh* like this:
```console
./quickstart.sh \
--clean \
--playbook baremetal-undercloud-validate-ha.yml \
--working-dir /path/to/workdir \
--requirements /path/to/quickstart-extras-requirements.txt \
--config /path/to/config.yml \
--release <RELEASE> \
--tags all \
<HOSTNAME or IP>
```
Basically this command:
* Uses the playbook **baremetal-undercloud.yml**
* Uses a custom workdir that is rebuilt from scratch (so if it already exists, it is dropped, see *--clean*)
* Get all the extra requirements
* Select the config file
* Chooses release (liberty, mitaka or “master” for newton)
* Performs all the tasks in the playbook
* Starts the installation on virthost
Role usage
----------
A typical config file will contain something like this:
```yaml
undercloud_type: baremetal
# Specify the secondary net interface for overcloud provisioning
undercloud_local_interface: eth1
# Specify the external network for undercloud that will be used to route overcloud traffic
undercloud_external_network_cidr: 172.20.0.0/24
# Declare the additional interface on undercloud to route overcloud traffic
undercloud_networks:
external:
address: 172.20.0.254
netmask: 255.255.255.0
device_type: ovs
type: OVSIntPort
ovs_bridge: br-ctlplane
ovs_options: '"tag=1105"'
tag: 1105
# Define all the flavors
flavor_map:
control: baremetal
compute: baremetal
storage: baremetal
ceph: baremetal
swift: baremetal
# To be used ansible-role-tripleo-baremetal-undercloud
step_provide_undercloud: true
# To be used in ansible-role-tripleo-overcloud-prep-baremetal
step_install_upstream_ipxe: true
# To be used in ansible-role-tripleo-overcloud-prep-images
step_introspect: true
# Explicitly declare kvm since we are on BM
libvirt_type: kvm
libvirt_args: "--libvirt-type kvm"
# Environment specific variables
baremetal_provisioning_script: "/path/to/undercloud-provisioning.sh"
baremetal_network_environment: "/path/to/network-environment.yaml"
baremetal_instackenv: "/path/to/instackenv.json"
baremetal_nic_configs: "/path/to/nic_configs"
# Public (Floating) network definition
public_physical_network: "floating"
floating_ip_cidr: "<FLOATING NETWORK CIDR>"
public_net_pool_start: "<FLOATING NETWORK POOL START>"
public_net_pool_end: "<FLOATING NETWORK POOL END>"
public_net_gateway: "<FLOATING NETWORK GATEWAY>"
extra_args: "--ntp-server <NTP SERVER IP> --control-scale 3 --compute-scale 2 --ceph-storage-scale 0 --block-storage-scale 0 --swift-storage-scale 0 --templates -e /usr/share/openstack-tripleo-heat-templates/environments/puppet-pacemaker.yaml -e /usr/share/openstack-tripleo-heat-templates/environments/network-isolation.yaml -e /home/stack/network-environment.yaml --neutron-bridge-mappings datacentre:br-floating"
```
A brief explanation of the variables:
* The variable **undercloud_type** is checked in all the dependent roles (see @Dependencies).
* The **undercloud_local_interface** needs to be changed accordingly to the baremetal hardware.
* The **undercloud_external_network_cidr** will be the overcloud external network that undercloud will route.
* A specific **flavor_map** (in this case baremetal) needs to be applied to each node kind.
* With **step_provide_undercloud** you can choose if you want to provide the virthost.
* With **step_introspect** you can choose if you want to introspect nodes.
* With **step_install_upstream_ipxe** you can choose if you want to install upstream ipxe (useful with some hardware issues).
* The **libvirt_type** and **libvirt_args** must be set to kvm, since we will work on baremetal with native virtual capabilities.
* **baremetal_provisioning_script** is the script to provide the machine, if **step_provide_undercloud is false** than this can be omitted.
* **baremetal_network_environment**, **baremetal_instackenv** and *optionally* **baremetal_nic_configs** will contain all the environment files.
* If instances needs to be accessible from the outside network then all the parameters (so **floating_ip_cidr** and **public_net_***) of this floating network must be explicited.
* **extra_args** will contain all deploy specific (like HA settings)
The main task of the role is this one:
```yaml
---
# tasks file for ansible-role-tripleo-baremetal-undercloud
# Do machine provisioning
- include: machine-provisioning.yml
tags:
- machine-provision
# Prepare machine to be used with TripleO
- include: machine-setup.yml
tags:
- machine-setup
# Configure repos and packages
- include: undercloud-repos-conf.yml
delegate_to: "{{ virthost }}"
tags:
- undercloud-repos-conf
# Get overcloud images
- include: overcloud-images.yml
delegate_to: "{{ virthost }}"
tags:
- overcloud-images
```
This is basically what each specific tasks does:
* **machine-provisioning.yml** provides the machine and make it become both virthost/undercloud
* **machine-setup.yml** prepares the undercloud with ssh connections, users, sudoers and inventory addition
* **undercloud-repos-conf.yml** repositories and packages configurations
* **overcloud-images.yml** overcloud images retrieving
Some notes:
* Even if virthost and undercloud are the same machine, the name “undercloud” will be inventoried after (see the baremetal playbook slide)
* Each action is tagged so it is possible to exclude a specific section
* In any case some variables can be controlled via config settings:
* step_provide_undercloud: choose if you want to do undercloud machine provisioning
* step_prepare_undercloud: choose if you want to install repos and basic packages on undercloud
* step_overcloud_images: choose if you want to download overcloud images
Dependencies
------------
If you don't need to change anything in how the environments gets deployed, then all the dependencies should be satisfied by the default **quickstart-extras-requirements.txt** file.
In any case the roles you will need to deploy an entire environment from scratch (see @Example Playbook) are:
* **ansible-role-tripleo-baremetal-undercloud** (this role)
* **tripleo-inventory** (part of *tripleo-quickstart*)
* **tripleo/undercloud** (part of *tripleo-quickstart*)
* **ansible-role-overcloud-prep-{baremetal,config,images,flavors,network}**
* **ansible-role-tripleo-overcloud**
* **ansible-role-tripleo-overcloud-validate** or **ansible-role-tripleo-overcloud-validate-ha** (if you want to test HA capabilities)
Example Playbook
----------------
Here's is an example on host to use this role in combination to all the others coming from various related to tripleo-quickstart:
```yaml
---
# Provision and initial undercloud setup
- name: Baremetal undercloud install
hosts: localhost
roles:
- tripleo-baremetal-undercloud
tags:
- undercloud-bm-install
# Machine at this point is provided
- name: Add the undercloud node to the generated inventory
hosts: localhost
gather_facts: yes
tags:
- undercloud-scripts
roles:
- tripleo-inventory
# Deploy the undercloud
- name: Install undercloud
hosts: undercloud
gather_facts: no
tags:
- undercloud-install
roles:
- tripleo/undercloud
# Baremetal preparation (with workarounds)
- name: Prepare baremetal for the overcloud deployment
hosts: undercloud
roles:
- overcloud-prep-baremetal
tags:
- overcloud-prep-baremetal
# Prepare any additional configuration files required by the overcloud
- name: Prepare configuration files for the overcloud deployment
hosts: undercloud
gather_facts: no
roles:
- overcloud-prep-config
# Prepare the overcloud images for deployment
- name: Prepare the overcloud images for deployment
hosts: undercloud
gather_facts: no
roles:
- overcloud-prep-images
# Prepare the overcloud flavor configuration
- name: Prepare overcloud flavors
hosts: undercloud
gather_facts: no
roles:
- overcloud-prep-flavors
# Prepare the undercloud networks for the overcloud deployment
- name: Prepare the undercloud networks for the overcloud deployment
hosts: undercloud
gather_facts: no
roles:
- overcloud-prep-network
# Deploy the overcloud
- name: Deploy the overcloud
hosts: undercloud
gather_facts: yes
roles:
- tripleo-overcloud
- name: Add the overcloud nodes to the generated inventory
hosts: undercloud
gather_facts: yes
tags:
- overcloud-deploy
vars:
inventory: all
roles:
- tripleo-inventory
# Check the results of the deployment, note after inventory has executed
- name: Check the result of the deployment
hosts: localhost
tags:
- overcloud-deploy
tasks:
- name: ensure the deployment result has been read into memory
include_vars: "{{ local_working_dir }}/overcloud_deployment_result.json"
# overcloud_deploy_result = ["failed", "passed"]
- name: did the deployment pass or fail?
debug: var=overcloud_deploy_result
failed_when: overcloud_deploy_result == "failed"
# HA Validation
- name: Validate the overcloud using HA tests
hosts: undercloud
gather_facts: no
roles:
- tripleo-overcloud-validate-ha
tags:
- overcloud-validate-ha
```
The steps of the sample playbook are these:
* First invoked role is tripleo-baremeal-undercloud undercloud
* Then undercloud is inventoried
* Undercloud is prepared for deploying
* Overcloud is then deployed, inventoried and validated
License
-------
Apache
Author Information
------------------
Raoul Scarazzini <rasca@redhat.com>

@ -0,0 +1,20 @@
working_dir: /home/stack
non_root_user: stack
undercloud_key: "{{ local_working_dir }}/id_rsa_undercloud"
baremetal_provisioning_log: "{{ local_working_dir }}/baremetal_provision.log"
undercloud_repos_conf_script: undercloud-repos-conf.sh.j2
undercloud_repos_conf_log: "{{ working_dir }}/undercloud_repos_conf.log"
overcloud_images_script: overcloud-images.sh.j2
overcloud_images_log: "{{ working_dir }}/overcloud_images.log"
undercloud_local_interface: eth1
undercloud_network_cidr: 192.0.2.0/24
step_provide_undercloud: true
step_prepare_undercloud: true
step_undercloud_repos: true
step_overcloud_images: true

@ -0,0 +1,4 @@
- name: Provision script execution
shell: >
{{ baremetal_provisioning_script }} > {{ baremetal_provisioning_log }} 2>&1
when: step_provide_undercloud

@ -0,0 +1,86 @@
- name: Check that virthost/undercloud is set
fail:
msg: "You need to set virthost/undercloud before running these playbooks."
when: virthost is not defined
- name: Ensure local working dir exists
file:
path: "{{ local_working_dir }}"
state: directory
- name: Create empty ssh config file
file:
path: "{{ local_working_dir }}/ssh.config.ansible"
state: touch
- name: Add the virthost to the inventory
add_host:
name: "{{ virthost }}"
groups: "virthost"
ansible_fqdn: "{{ virthost }}"
ansible_user: "root"
ansible_host: "{{ virthost }}"
- name: Create virthost/undercloud access key
command: >
ssh-keygen -f {{ undercloud_key }} -N ''
-C 'ansible_generated_virt_host'
-t rsa -b 4096
args:
creates: "{{ undercloud_key }}"
- name: Create non-root user on virthost/undercloud
delegate_to: "{{ virthost }}"
user:
name: "{{ non_root_user }}"
state: present
shell: /bin/bash
become: true
- name: Configure non-root user authorized_keys on virthost/undercloud
delegate_to: "{{ virthost }}"
authorized_key:
user: "{{ non_root_user }}"
key: "{{ item }}"
with_file:
- "{{ undercloud_key }}.pub"
become: true
- name: Grant sudo privileges to non-root user on virthost/undercloud
delegate_to: "{{ virthost }}"
copy:
content: |
{{ non_root_user }} ALL=(ALL) NOPASSWD:ALL
dest: /etc/sudoers.d/{{ non_root_user }}
owner: root
group: root
mode: 0440
become: true
- name: get undercloud ip
delegate_to: "{{ virthost }}"
shell: ip route get 1 | awk '{print $NF;exit}'
register: registered_undercloud_ip
- name: Re-add the virthost to the inventory
add_host:
name: "{{ virthost }}"
groups: "virthost"
ansible_fqdn: "{{ virthost }}"
ansible_user: "{{ non_root_user }}"
ansible_host: "{{ virthost }}"
ansible_private_key_file: "{{ undercloud_key }}"
# Add the undercloud to the in-memory inventory.
- name: Add undercloud machine to inventory
add_host:
name: undercloud
groups: undercloud
ansible_host: undercloud
ansible_fqdn: undercloud
ansible_user: stack
ansible_private_key_file: "{{ undercloud_key }}"
ansible_ssh_extra_args: '-F "{{local_working_dir}}/ssh.config.ansible"'
ansible_scp_extra_args: '-F "{{local_working_dir}}/ssh.config.ansible"'
ansible_sftp_extra_args: '-F "{{local_working_dir}}/ssh.config.ansible"'
undercloud_ip: "{{ registered_undercloud_ip.stdout }}"

@ -0,0 +1,24 @@
---
# tasks file for ansible-role-tripleo-baremetal-undercloud
# Do machine provisioning
- include: machine-provisioning.yml
tags:
- machine-provision
# Prepare machine to be used with TripleO
- include: machine-setup.yml
tags:
- machine-setup
# Configure repos and packages
- include: undercloud-repos-conf.yml
delegate_to: "{{ virthost }}"
tags:
- undercloud-repos-conf
# Get overcloud images
- include: overcloud-images.yml
delegate_to: "{{ virthost }}"
tags:
- overcloud-images

@ -0,0 +1,11 @@
# Copy overcloud images script
- name: Copy repositories configuration script
template:
src: "{{ overcloud_images_script }}"
dest: "{{ working_dir }}/overcloud-images.sh"
mode: 0755
- name: Overcloud images
shell: >
{{ working_dir }}/overcloud-images.sh > {{ overcloud_images_log }} 2>&1
when: step_overcloud_images

@ -0,0 +1,12 @@
# Copy repo configuration script
- name: Copy repositories configuration script
template:
src: "{{ undercloud_repos_conf_script }}"
dest: "{{ working_dir }}/undercloud-repos-conf.sh"
mode: 0755
- name: Execute repositories configuration script
shell: >
{{ working_dir }}/undercloud-repos-conf.sh > {{ undercloud_repos_conf_log }} 2>&1
when: step_prepare_undercloud
become: true

@ -0,0 +1,31 @@
#!/bin/bash
set -eux
### --start_docs
## Prepare the images to be used in the overcloud
## ==============================================
## Prepare the images
## ------------------
## * Retrieve images from the known urls
## ::
wget "{{ overcloud_image_url }}"
wget "{{ ipa_image_url }}"
for i in *.tar; do
tar xvfp $i
done
## * Ensure libvirtd is started (otherwise virt-customize won't work
## ::
sudo systemctl restart libvirtd
## * Change root password on the image
## ::
virt-customize -a overcloud-full.qcow2 --root-password password:redhat
### --stop_docs

@ -0,0 +1,53 @@
#!/bin/bash
set -eux
### --start_docs
## Prepare repos and packages on the undercloud
## ============================================
## Prepare repos and packages
## --------------------------
## * Install base and useful packages.
## ::
yum install -y ntp ntpdate vim tmux openssl wget bind-utils net-tools git lftp libguestfs-tools sos
## * Fix time issues with ntp.
## ::
yum erase -y chrony
rm -f /etc/chrony*
sed -i s'/^server.*//' /etc/ntp.conf
sh -c 'echo "server clock.redhat.com iburst" >> /etc/ntp.conf'
sh -c 'echo clock.redhat.com > /etc/ntp/step-tickers'
sh -c 'echo "SYNC_HWCLOCK=yes" >> /etc/sysconfig/ntpdate'
ntpdate clock.redhat.com
systemctl enable ntpdate
systemctl enable ntpd
systemctl start ntpd
## * Configure repos.
## ::
#curl -o /etc/yum.repos.d/delorean.repo http://trunk.rdoproject.org/centos7-{{ release }}/current-passed-ci/delorean.repo
curl -o /etc/yum.repos.d/delorean.repo http://buildlogs.centos.org/centos/7/cloud/x86_64/rdo-trunk-{{ release }}-tested/delorean.repo
curl -o /etc/yum.repos.d/delorean-deps.repo http://trunk.rdoproject.org/centos7-{{ release }}/delorean-deps.repo
{% if release == 'liberty' %}
# (trown) Install ironic-python-agent from mitaka delorean for LIO support.
# We either need to do that or include tgt from EPEL, and upstream
# ironic-python-agent project does not actually even gate the stable branch.
# I am working on getting them to remove the stable branch, which will give us
# LIO support in liberty delorean.
yum install -y http://trunk.rdoproject.org/centos7/55/17/5517b8e9aea3ded1052209384b4194d2caa97541_673a78a2/openstack-ironic-python-agent-1.1.1-dev6.el7.centos.noarch.rpm http://trunk.rdoproject.org/centos7/55/17/5517b8e9aea3ded1052209384b4194d2caa97541_673a78a2/python2-ironic-python-agent-1.1.1-dev6.el7.centos.noarch.rpm
{% endif %}
## * Install TripleO packages.
## ::
yum install -y yum-plugin-priorities
yum install -y python-tripleoclient
### --stop_docs
Loading…
Cancel
Save