Rackspace is requiring multi-factor authentication for all users beginning 2024-03-26. Enabling MFA on our accounts will immediately render password-based authentication inoperable for the API. In preparation for this switch, add new cloud entries for the provider which authenticate by API key so that we can test and move more smoothly between the two while we work out any unanticipated kinks. Change-Id: I787df458aa048ad80e246128085b252bb5888285
Create Server
The commands in this section should be run as root on the bastion host.
To launch a node in the OpenStack CI account (production servers):
export OS_CLOUD=openstackci-rax
export OS_REGION_NAME=DFW
export FLAVOR="8 GB Performance"
export FQDN=servername01.opendev.org
/usr/launcher-venv/bin/launch-node $FQDN --flavor "$FLAVOR" \
--cloud=$OS_CLOUD --region=$OS_REGION_NAME
Manually add the hostname to DNS (the launch script does not do so
automatically, but it prints the commands to run). Note that for
*.opendev.org hosts you'll only be able to add the reverse dns records
via the printed commands. Forward A and AAAA records should be added to
opendev/zone-opendev.org/zones/opendev.org/zone.db
.
We need to add the host to our static inventory file so that the
ansible runs see the new host. The launch script prints out the
appropriate lines to add to
opendev/system-config:inventory/openstack.yaml
.
In order for Ansible to work, you also need to accept the root SSH
key for the new server. Once the new DNS entries have propagated, as
root
on the bastion server:
ssh root@$FQDN
Verify the fingerprint of the new server and type "yes" to accept. Then you can log out.
Add DNS Records
The launch-node script will print the commands needed to be run to configure DNS for a newly launched server. To see the commands for an existing server, run:
/usr/launcher-venv/bin/show-dns $FQDN