VirtualBMC support for tripleo-quickstart
This patch is replacing the usage of the pxe_ssh driver in Ironic in favor of pxe_ipmitool + VirtualBMC*. The main reason for this patch is because the pxe_ssh driver is already marked as unsupported and will be removed from Ironic upstream at the end of the Ocata release. Older releases: Liberty, Mitaka and Newton will continue to rely on the pxe_ssh driver. * VirtualBMC is a proxy that converts IPMI commands to libvirt calls Partial-Bug: #1645733 Change-Id: Iaaa9fc1fd593cbce045456f4341c461a8eea82ad
This commit is contained in:
parent
2d42633a43
commit
c8c6e57ca2
|
@ -4,12 +4,15 @@
|
||||||
overcloud_nodes:
|
overcloud_nodes:
|
||||||
- name: control_0
|
- name: control_0
|
||||||
flavor: control
|
flavor: control
|
||||||
|
virtualbmc_port: 6230
|
||||||
|
|
||||||
- name: compute_0
|
- name: compute_0
|
||||||
flavor: compute
|
flavor: compute
|
||||||
|
virtualbmc_port: 6231
|
||||||
|
|
||||||
- name: ceph_0
|
- name: ceph_0
|
||||||
flavor: ceph
|
flavor: ceph
|
||||||
|
virtualbmc_port: 6232
|
||||||
|
|
||||||
# Tell tripleo how we want things done.
|
# Tell tripleo how we want things done.
|
||||||
extra_args: >-
|
extra_args: >-
|
||||||
|
|
|
@ -24,13 +24,19 @@ undercloud_generate_service_certificate: True
|
||||||
overcloud_nodes:
|
overcloud_nodes:
|
||||||
- name: control_0
|
- name: control_0
|
||||||
flavor: control
|
flavor: control
|
||||||
|
virtualbmc_port: 6230
|
||||||
|
|
||||||
- name: control_1
|
- name: control_1
|
||||||
flavor: control
|
flavor: control
|
||||||
|
virtualbmc_port: 6231
|
||||||
|
|
||||||
- name: control_2
|
- name: control_2
|
||||||
flavor: control
|
flavor: control
|
||||||
|
virtualbmc_port: 6232
|
||||||
|
|
||||||
- name: compute_0
|
- name: compute_0
|
||||||
flavor: compute
|
flavor: compute
|
||||||
|
virtualbmc_port: 6233
|
||||||
|
|
||||||
# We don't need introspection in a virtual environment (because we are
|
# We don't need introspection in a virtual environment (because we are
|
||||||
# creating all the "hardware" we really know the necessary
|
# creating all the "hardware" we really know the necessary
|
||||||
|
|
|
@ -21,17 +21,27 @@ default_vcpu: 1
|
||||||
overcloud_nodes:
|
overcloud_nodes:
|
||||||
- name: control_0
|
- name: control_0
|
||||||
flavor: control
|
flavor: control
|
||||||
|
virtualbmc_port: 6230
|
||||||
|
|
||||||
- name: control_1
|
- name: control_1
|
||||||
flavor: control
|
flavor: control
|
||||||
|
virtualbmc_port: 6231
|
||||||
|
|
||||||
- name: control_2
|
- name: control_2
|
||||||
flavor: control
|
flavor: control
|
||||||
|
virtualbmc_port: 6232
|
||||||
|
|
||||||
- name: compute_0
|
- name: compute_0
|
||||||
flavor: compute
|
flavor: compute
|
||||||
|
virtualbmc_port: 6233
|
||||||
|
|
||||||
- name: compute_1
|
- name: compute_1
|
||||||
flavor: compute
|
flavor: compute
|
||||||
|
virtualbmc_port: 6234
|
||||||
|
|
||||||
- name: compute_2
|
- name: compute_2
|
||||||
flavor: compute
|
flavor: compute
|
||||||
|
virtualbmc_port: 6235
|
||||||
|
|
||||||
# We don't need introspection in a virtual environment (because we are
|
# We don't need introspection in a virtual environment (because we are
|
||||||
# creating all the "hardware" we really know the necessary
|
# creating all the "hardware" we really know the necessary
|
||||||
|
|
|
@ -7,9 +7,11 @@ step_introspect: true
|
||||||
overcloud_nodes:
|
overcloud_nodes:
|
||||||
- name: control_0
|
- name: control_0
|
||||||
flavor: control
|
flavor: control
|
||||||
|
virtualbmc_port: 6230
|
||||||
|
|
||||||
- name: compute_0
|
- name: compute_0
|
||||||
flavor: compute
|
flavor: compute
|
||||||
|
virtualbmc_port: 6231
|
||||||
|
|
||||||
# Tell tripleo how we want things done.
|
# Tell tripleo how we want things done.
|
||||||
extra_args: >-
|
extra_args: >-
|
||||||
|
|
|
@ -6,9 +6,11 @@ step_introspect: true
|
||||||
overcloud_nodes:
|
overcloud_nodes:
|
||||||
- name: control_0
|
- name: control_0
|
||||||
flavor: control
|
flavor: control
|
||||||
|
virtualbmc_port: 6230
|
||||||
|
|
||||||
- name: compute_0
|
- name: compute_0
|
||||||
flavor: compute
|
flavor: compute
|
||||||
|
virtualbmc_port: 6231
|
||||||
|
|
||||||
network_isolation: false
|
network_isolation: false
|
||||||
|
|
||||||
|
|
|
@ -5,9 +5,11 @@
|
||||||
overcloud_nodes:
|
overcloud_nodes:
|
||||||
- name: control_0
|
- name: control_0
|
||||||
flavor: control
|
flavor: control
|
||||||
|
virtualbmc_port: 6230
|
||||||
|
|
||||||
- name: compute_0
|
- name: compute_0
|
||||||
flavor: compute
|
flavor: compute
|
||||||
|
virtualbmc_port: 6231
|
||||||
|
|
||||||
# Tell tripleo how we want things done.
|
# Tell tripleo how we want things done.
|
||||||
extra_args: >-
|
extra_args: >-
|
||||||
|
|
|
@ -152,3 +152,7 @@ devmode: false
|
||||||
|
|
||||||
# Tuned profile set while provisioning remote hosts to optimize for deployment
|
# Tuned profile set while provisioning remote hosts to optimize for deployment
|
||||||
tuned_profile: 'virtual-host'
|
tuned_profile: 'virtual-host'
|
||||||
|
|
||||||
|
# This is the name of the user the `provision` role will create on the
|
||||||
|
# remote host.
|
||||||
|
non_root_user: stack
|
||||||
|
|
|
@ -6,8 +6,18 @@
|
||||||
{% for node in overcloud_nodes %}
|
{% for node in overcloud_nodes %}
|
||||||
{
|
{
|
||||||
"name": "{{ node.name|replace('_', '-') }}",
|
"name": "{{ node.name|replace('_', '-') }}",
|
||||||
"pm_password": {{ virt_power_key_pvt | to_nice_json }},
|
{% if release in ['liberty', 'mitaka', 'newton' ] %}
|
||||||
"pm_type": "pxe_ssh",
|
"pm_password": {{ virt_power_key_pvt | to_nice_json }},
|
||||||
|
"pm_type": "pxe_ssh",
|
||||||
|
"pm_user": "{{ ansible_user_id }}",
|
||||||
|
"pm_addr": "{{ host_ip }}",
|
||||||
|
{% else %}
|
||||||
|
"pm_password": "password",
|
||||||
|
"pm_type": "pxe_ipmitool",
|
||||||
|
"pm_user": "admin",
|
||||||
|
"pm_addr": "127.0.0.1",
|
||||||
|
"pm_port": "{{ node.virtualbmc_port }}",
|
||||||
|
{% endif %}
|
||||||
"mac": [
|
"mac": [
|
||||||
"{{ node_mac_map.get(node.name).get('overcloud') }}"
|
"{{ node_mac_map.get(node.name).get('overcloud') }}"
|
||||||
],
|
],
|
||||||
|
@ -15,8 +25,6 @@
|
||||||
"memory": "{{ flavors[node.flavor].memory }}",
|
"memory": "{{ flavors[node.flavor].memory }}",
|
||||||
"disk": "{{ flavors[node.flavor].disk }}",
|
"disk": "{{ flavors[node.flavor].disk }}",
|
||||||
"arch": "{{ libvirt_arch }}",
|
"arch": "{{ libvirt_arch }}",
|
||||||
"pm_user": "{{ ansible_user_id }}",
|
|
||||||
"pm_addr": "{{ host_ip }}",
|
|
||||||
"capabilities": "profile:{{ node.flavor }},boot_option:local"
|
"capabilities": "profile:{{ node.flavor }},boot_option:local"
|
||||||
}
|
}
|
||||||
{% if not loop.last %}
|
{% if not loop.last %}
|
||||||
|
|
|
@ -86,6 +86,14 @@
|
||||||
src: "{{ undercloud_key }}.pub"
|
src: "{{ undercloud_key }}.pub"
|
||||||
dest: "{{ working_dir }}/id_rsa_undercloud.pub"
|
dest: "{{ working_dir }}/id_rsa_undercloud.pub"
|
||||||
|
|
||||||
|
# Copy the virt host private key to `$HOME/.ssh/id_rsa_virt_power` for
|
||||||
|
# VirtualBMC be able to access the hypervisor where the VMs are located
|
||||||
|
- name: Copy virt host ssh private key to working dir
|
||||||
|
when: release not in ['liberty', 'mitaka', 'newton']
|
||||||
|
copy:
|
||||||
|
src: "{{ virt_power_key }}"
|
||||||
|
dest: "{{ working_dir }}/id_rsa_virt_power"
|
||||||
|
|
||||||
# Copy the public key to `$HOME/.ssh/authorized_keys` for the `root`
|
# Copy the public key to `$HOME/.ssh/authorized_keys` for the `root`
|
||||||
# and `stack` user on the undercloud.
|
# and `stack` user on the undercloud.
|
||||||
- name: Inject undercloud ssh public key to appliance
|
- name: Inject undercloud ssh public key to appliance
|
||||||
|
@ -106,6 +114,19 @@
|
||||||
owner: stack
|
owner: stack
|
||||||
group: stack
|
group: stack
|
||||||
|
|
||||||
|
# This copies the `id_rsa_virt_power` private key that we generated
|
||||||
|
# in the overcloud setup role to the undercloud host to be used by
|
||||||
|
# VirtualBMC+libvirt to access the virthost.
|
||||||
|
- name: Copy id_rsa_virt_power to appliance
|
||||||
|
when: release not in ['liberty', 'mitaka', 'newton']
|
||||||
|
command: >
|
||||||
|
virt-customize -a {{ working_dir }}/undercloud.qcow2
|
||||||
|
--upload '{{ working_dir }}/id_rsa_virt_power:/root/.ssh/id_rsa_virt_power'
|
||||||
|
--run-command 'chown root:root /root/.ssh/id_rsa_virt_power'
|
||||||
|
--run-command 'chmod 0600 /root/.ssh/id_rsa_virt_power'
|
||||||
|
environment:
|
||||||
|
LIBGUESTFS_BACKEND: direct
|
||||||
|
|
||||||
- name: Create undercloud customize script
|
- name: Create undercloud customize script
|
||||||
template:
|
template:
|
||||||
src: "{{ undercloud_customize_script }}"
|
src: "{{ undercloud_customize_script }}"
|
||||||
|
@ -308,4 +329,3 @@
|
||||||
template:
|
template:
|
||||||
src: ssh.config.j2
|
src: ssh.config.j2
|
||||||
dest: "{{ local_working_dir }}/ssh.config.ansible"
|
dest: "{{ local_working_dir }}/ssh.config.ansible"
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,3 @@
|
||||||
# This is the name of the user the `provision` role will create on the
|
|
||||||
# remote host.
|
|
||||||
non_root_user: stack
|
|
||||||
|
|
||||||
# The path to an ssh key (that we will generate) that can be used to
|
# The path to an ssh key (that we will generate) that can be used to
|
||||||
# log in to the virt host.
|
# log in to the virt host.
|
||||||
virt_host_key: "{{ local_working_dir }}/id_rsa_virt_host"
|
virt_host_key: "{{ local_working_dir }}/id_rsa_virt_host"
|
||||||
|
|
|
@ -40,6 +40,15 @@
|
||||||
shell: /bin/bash
|
shell: /bin/bash
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
|
- name: Get the non-root user UID
|
||||||
|
command: "id {{ non_root_user }} -u"
|
||||||
|
register: non_root_user_uid_output
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
|
- name: Save the non-root user UID
|
||||||
|
set_fact:
|
||||||
|
non_root_user_uid: "{{ non_root_user_uid_output.stdout }}"
|
||||||
|
|
||||||
# Install the public component of `virt_host_key` in the
|
# Install the public component of `virt_host_key` in the
|
||||||
# `.ssh/authorized_keys` file for the non-root user.
|
# `.ssh/authorized_keys` file for the non-root user.
|
||||||
- name: Configure non-root user authorized_keys
|
- name: Configure non-root user authorized_keys
|
||||||
|
|
|
@ -24,3 +24,50 @@
|
||||||
dest: "{{ local_working_dir }}/stackrc"
|
dest: "{{ local_working_dir }}/stackrc"
|
||||||
line: "export OS_PASSWORD={{ undercloud_admin_password.stdout }}"
|
line: "export OS_PASSWORD={{ undercloud_admin_password.stdout }}"
|
||||||
regexp: "OS_PASSWORD"
|
regexp: "OS_PASSWORD"
|
||||||
|
|
||||||
|
- name: Install VirtualBMC package
|
||||||
|
when: release not in ['liberty', 'mitaka', 'newton']
|
||||||
|
package:
|
||||||
|
name: "python2-virtualbmc"
|
||||||
|
state: present
|
||||||
|
use: yum
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Create the Virtual BMCs
|
||||||
|
when: release not in ['liberty', 'mitaka', 'newton']
|
||||||
|
command: >
|
||||||
|
vbmc add {{item.name}} --port {{item.virtualbmc_port}} --libvirt-uri "qemu+ssh://{{ non_root_user }}@{{ networks[0].address }}/session?socket=/run/user/{{ hostvars[groups['virthost'][0]].non_root_user_uid }}/libvirt/libvirt-sock&keyfile=/root/.ssh/id_rsa_virt_power&no_verify=1&no_tty=1"
|
||||||
|
with_items: "{{ overcloud_nodes }}"
|
||||||
|
become: true
|
||||||
|
become_user: root
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
|
# TODO(lucasagomes): The service file should be included in the
|
||||||
|
# virtualbmc RPM package.
|
||||||
|
- name: Create the VirtualBMC systemd service
|
||||||
|
when: release not in ['liberty', 'mitaka', 'newton']
|
||||||
|
copy:
|
||||||
|
mode: 0664
|
||||||
|
dest: "/usr/lib/systemd/system/virtualbmc.service"
|
||||||
|
content: |
|
||||||
|
[Unit]
|
||||||
|
Description=VirtualBMC service
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStart=/bin/bash -c 'for bmc in $(ls /root/.vbmc/); do vbmc start $bmc; done'
|
||||||
|
ExecStop=/bin/bash -c 'for bmc in $(ls /root/.vbmc/); do vbmc stop $bmc; done'
|
||||||
|
RemainAfterExit=yes
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Start the Virtual BMCs
|
||||||
|
when: release not in ['liberty', 'mitaka', 'newton']
|
||||||
|
service:
|
||||||
|
name: virtualbmc
|
||||||
|
state: started
|
||||||
|
enabled: true
|
||||||
|
become: true
|
||||||
|
|
Loading…
Reference in New Issue