3e06f195b7
Changes in patchset #11:
1) moved to putting default port variables in group_vars/all.yml
2) updated README to specify changing port variables for undercloud deployments
3) removed setting variables in the nginx task, but we can utilize fail: checks
for variable checks instead (cleaner).
Changes in patchet #10:
1) added become: true for filebeat per jtaleric comments
2) added no_log: True to reduce unecessary firewall debug discovery
during the playbook run
Changes in patchset #9:
Rebased against commit 5ef39f88dd
Changes in patchset #8:
1) use restart instead of start for ansible service
this will address when you re-run playbooks if you
decide to change the listener ports
Changes in patchset #7:
1) use rpm_key ansible module instead of rpm command
for GPG key management
Changes in patchset #6:
1) ensure elk_server_ssl_cert_port variable can be set
for non-standard port access like elk_server
Changes in patchset #5:
1) use 'become=true' for all operations within filebeat
so that elk clients running as non-root (but privileged)
users can run client deployments.
Changes in patchset #4:
1) turn logstash stdout off by default
2) remove unneeded logstash refresh
Changes in patchset #3:
1) remove debug statements for port variable testing
Changes in patchset #2:
1) remove unneeded conditional logic, only comparison
for 'none' is needed.
2) fix duplicate variable assignment
3) add more info to group_vars/all comments that you
need to use nonstandard ports for both if you need one
only.
Changes introduced in patchset #1:
This provides the following functionality:
1) adds two new variables to group_vars/all:
* nginx_kibana_port
* elk_server_ssl_cert_port
2) sets a normal default for these ports if
they are not defined explicitly.
If these are not defined then default ports of 80/TCP
and 8080/TCP will be used respectively.
If they are defined (in case of undercloud install where lots
of services/ports are listening on standard ports) then both
nginx jinja2 templates will be updated along with firewall rules.
Why we need this functionality, and why we should use it:
1) Avoid hard-coded defaults like 1.1.1.1 or service ports
2) Minimize the amount of editing needed for variables before
Browbeat can be run by users
Change-Id: Ia689f73d9c0c83de4d34a1954824afbee8205c25
Table of Contents
Ansible for Browbeat
Currently we support Ansible 1.9.4 within browbeat-venv and ansible 2.0 for installation.
Playbooks for:
- Installing Browbeat, collectd, connmon, ELK stack and clients, graphite, grafana, and grafana dashboards
- Check overcloud for performance issues
- Tune overcloud for performance (Experimental)
- Adjust number of workers for cinder/keystone/neutron/nova
- Deploy keystone in eventlet/httpd
- Adjust keystone token type to UUID/Fernet
- Adjust neutron l3 agents
- Adjust nova greenlet_pool_size / max_overflow
Getting Started
Install your public key into stack's authorized_keys
# ssh-copy-id stack@<undercloud-ip>
Then run gen_hosts.sh script to generate your overcloud's hosts file for ansible and generate a "jumpbox" ssh config:
# ./gen_hostfile.sh <undercloud-ip> ~/.ssh/config
*Review the hosts file the script generates.
Ansible Installers
Install Browbeat
Image upload requires Ansible 2.0
# vi install/group_vars/all # Edit ansible vars file (Installation parameters)
# ansible-playbook -i hosts install/browbeat.yml
Install Collectd Agent (Requires a Graphite Server)
Prior to installing the agent, please review install/group_vars/all file to ensure the correct parameters are passed.
# ansible-playbook -i hosts install/collectd-openstack.yml
To install collectd on everything other than Openstack machines, view the README for collectd-generic.
Install Connmon
Requires Ansible 2.0
# ansible-playbook -i hosts install/connmon.yml
Install Generic ELK Stack
ansible-playbook -i hosts install/elk.yml
Install ELK Stack (on an OpenStack Undercloud)
sed -i 's/nginx_kibana_port: 80/nginx_kibana_port: 8888/' install/group_vars/all.yml
sed -i 's/elk_server_ssl_cert_port: 8080/elk_server_ssl_cert_port: 9999/' install/group_vars/all.yml
ansible-playbook -i hosts install/elk.yml
Install Generic ELK Clients
ansible-playbook -i hosts install/elk-client.yml --extra-vars 'elk_server=X.X.X.X'
- elk_server variable will be generated after the ELK stack playbook runs
Install ELK Clients for OpenStack nodes
ansible-playbook -i hosts install/elk-openstack-client.yml --extra-vars 'elk_server=X.X.X.X'
- elk_server variable will be generated after the ELK stack playbook runs
Install graphite service
# ansible-playbook -i hosts install/graphite.yml
Install grafana service
Prior to installing grafana, please review install/group_vars/all file and your ansible inventory file
# ansible-playbook -i hosts install/grafana.yml
Install Grafana Dashboards (Requires a Grafana Server)
Review install/group_vars/all before deploying the grafana dashboards
# ansible-playbook -i hosts install/dashboards-openstack.yml
Performance Check
Run the check playbook to identify common performance issues:
# ansible-playbook -i hosts check/site.yml
Performance Tune
Run the tune playbook to tune your OSPd deployed cloud for performance:
# ansible-playbook -i hosts tune/tune.yml
Adjust your overcloud
To modify the number of workers each service is running:
# ansible-playbook -i hosts browbeat/adjustment-workers.yml -e "workers=8"
Openstack services will be running 8 workers per service.
To modify number of workers each service is running and ensure Keystone is deployed in eventlet:
# ansible-playbook -i hosts browbeat/adjustment-workers.yml -e "workers=8 keystone_deployment=eventlet"
To run Keystone in httpd, change keystone_deployment to httpd:
# ansible-playbook -i hosts browbeat/adjustment-workers.yml -e "workers=8 keystone_deployment=httpd"
To switch to fernet tokens:
# ansible-playbook -i hosts browbeat/adjustment-keystone-token.yml -e "token_provider=fernet"
To switch to UUID tokens:
# ansible-playbook -i hosts browbeat/adjustment-keystone-token.yml -e "token_provider=uuid"