diff --git a/PROBLEMS b/PROBLEMS new file mode 100644 index 000000000..a3cfd172c --- /dev/null +++ b/PROBLEMS @@ -0,0 +1,15 @@ +ansible PTY allocation request failed +===================================== + +In /var/log/secure: Unable to open pty: No such file or directory +none /dev/pts devpts gid=5,mode=620 0 0 + +Kolla patches +============= + +See bootstrap_kolla.sh. + +Ironic inspector +================ + +Failed to start due to iptables error. diff --git a/deploy-overcloud.sh b/deploy-overcloud.sh new file mode 100755 index 000000000..cc9bd7d9d --- /dev/null +++ b/deploy-overcloud.sh @@ -0,0 +1,76 @@ +#!/bin/bash + +set -e + +########################################################### +# Overcloud + +function configure_overcloud_network { + echo "TODO: configure overcloud network" +} + +function configure_overcloud_bios_and_raid { + echo "TODO: configure overcloud BIOS and RAID" +} + +function deploy_overcloud_servers { + # Deploy servers with Bifrost + kolla-ansible deploy-servers -i /etc/kolla/inventory/seed +} + +function configure_overcloud_os { + #ansible controllers -b -i /etc/kolla/inventory/overcloud -m yum -a 'name=[epel-release, centos-release-openstack-newton]' + #ansible controllers -b -i /etc/kolla/inventory/overcloud -m yum -a 'name=[python-pip, vim]' + + # Disable SELiunx + ansible controllers -b -i /etc/kolla/inventory/overcloud -m selinux -a 'state=disabled' + ansible controllers -b -i /etc/kolla/inventory/overcloud -m command -a 'reboot -f' & + + # Wait for nodes to come back up + echo "Waiting for overcloud nodes to come back up" + while true ; do + ansible controllers -i /etc/kolla/inventory/overcloud -m command -a 'hostname' && break + done +} + +function bootstrap_overcloud_kolla { + # TODO + # Bootstrap seed node + kolla-ansible bootstrap-servers -i /etc/kolla/inventory/overcloud + ansible controllers -i /etc/kolla/inventory/overcloud -m command -a 'docker ps' + ansible controllers -b -i /etc/kolla/inventory/overcloud -m service -a 'name=ntpd state=started enabled=yes' +} + +function configure_overcloud_docker { + echo "TODO: configure overcloud docker" +} + +function pull_overcloud_images { + kolla-ansible pull -i /etc/kolla/inventory/overcloud +} + +function deploy_overcloud_services { + kolla-ansible prechecks -i /etc/kolla/inventory/overcloud + kolla-ansible deploy -i /etc/kolla/inventory/overcloud + kolla-ansible post-deploy -i /etc/kolla/inventory/overcloud +} + +function deploy_overcloud { + configure_overcloud_network + configure_overcloud_bios_and_raid + deploy_overcloud_servers + configure_overcloud_os + bootstrap_overcloud_kolla + configure_overcloud_docker + pull_overcloud_images + deploy_overcloud_services +} + +########################################################### +# Main + +function main { + deploy_overcloud +} + +deploy_overcloud diff --git a/deploy-seed.sh b/deploy-seed.sh new file mode 100755 index 000000000..9830d6cc2 --- /dev/null +++ b/deploy-seed.sh @@ -0,0 +1,619 @@ +#!/bin/bash + +set -e + +########################################################### +# Seed node + +function configure_seed_os { + sudo yum -y install epel-release + sudo yum -y install ansible + sudo yum -y install git vim + + # Generate an SSH key + if [[ ! -f ~/.ssh/id_rsa ]]; then + ssh-keygen -N '' -f ~/.ssh/id_rsa + fi + ansible localhost -m authorized_key -a "user=$(whoami) key='$(cat ~/.ssh/id_rsa.pub)'" + ssh-keyscan 127.0.0.1 >> ~/.ssh/known_hosts + ssh-keyscan localhost >> ~/.ssh/known_hosts + + # Disable SELiunx + if selinuxenabled && [[ $(getenforce) = 'Enforcing' ]] ; then + echo "Disabling SELinux and rebooting. Re-run this script" + ansible localhost -b -m selinux -a 'state=disabled' + sudo reboot -f + fi +} + +function install_kolla { + # Install kolla + sudo yum -y install gcc python-devel python-pip libffi-devel openssl-devel + #sudo yum -y install centos-release-openstack-newton + #sudo yum -y install python-openstackclient python-neutronclient + + sudo pip install 'kolla<4.0.0' + set +e + sudo yum -y install patch + sudo patch -u -f /usr/share/kolla/ansible/roles/baremetal/tasks/pre-install.yml << EOF +--- /usr/share/kolla/ansible/roles/baremetal/tasks/pre-install.yml.old 2017-01-06 17:23:12.444746830 +0000 ++++ /usr/share/kolla/ansible/roles/baremetal/tasks/pre-install.yml 2017-01-06 17:22:27.864278879 +0000 +@@ -28,6 +28,7 @@ + {% for host in groups['all'] %} + {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }} {{ hostvars[host]['ansible_hostname'] }} + {% endfor %} ++ become: True + when: customize_etc_hosts | bool + + - name: ensure sudo group is present +@@ -126,7 +127,7 @@ + recurse: yes + owner: kolla + group: kolla +- mode: 755 ++ mode: 0755 + become: True + when: create_kolla_user | bool == True + +@@ -135,6 +136,6 @@ + path: /etc/kolla + state: directory + recurse: yes +- mode: 666 ++ mode: 0666 + become: True + when: create_kolla_user | bool == False +EOF + sudo patch -u -f /usr/share/kolla/ansible/roles/ironic/templates/ironic-api.json.j2 << EOF +--- /usr/share/kolla/ansible/roles/ironic/templates/ironic-api.json.j2.old 2017-01-06 13:56:52.881061188 +0000 ++++ /usr/share/kolla/ansible/roles/ironic/templates/ironic-api.json.j2 2017-01-06 14:00:21.757338271 +0000 +@@ -10,7 +10,7 @@ + ], + "permissions": [ + { +- "path": "/var/log/kolla/ironic" ++ "path": "/var/log/kolla/ironic", + "owner": "ironic:ironic", + "recurse": true + } +EOF + sudo patch -u -f /usr/share/kolla/ansible/roles/ironic/templates/ironic-conductor.json.j2 << EOF +--- /usr/share/kolla/ansible/roles/ironic/templates/ironic-conductor.json.j2.old 2017-01-06 14:28:35.048365453 +0000 ++++ /usr/share/kolla/ansible/roles/ironic/templates/ironic-conductor.json.j2 2017-01-06 14:28:44.858467071 +0000 +@@ -20,7 +20,7 @@ + "recurse": true + }, + { +- "path": "/tftpboot" ++ "path": "/tftpboot", + "owner": "ironic:ironic", + "recurse": true + } +EOF + set -e +} + +function configure_kolla { + # Configure Kolla + if [[ -d /etc/kolla ]]; then + sudo mv /etc/kolla /etc/kolla.old.$(date +%s) + fi + sudo mkdir -p /etc/kolla + sudo chown $(whoami):$(whoami) /etc/kolla + mkdir -p /etc/kolla/config /etc/kolla/inventory + cat > /etc/kolla/inventory/seed << EOF +# Simple inventory for bootstrapping Kolla control host. +[baremetal] +seed ansible_host=127.0.0.1 ansible_user=kolla +EOF + + cat > /etc/kolla/inventory/overcloud << EOF +[controllers] +# These hostname must be resolvable from your deployment host +control01 ansible_host=${CONTROLLER_IP} ansible_user=kolla ansible_become=true + +# These initial groups are the only groups required to be modified. The +# additional groups are for more control of the environment. +[control:children] +controllers + +# The network nodes are where your l3-agent and loadbalancers will run +# This can be the same as a host in the control group +[network:children] +controllers + +[compute:children] +controllers + +[monitoring:children] +controllers + +[storage:children] +controllers + +[baremetal:children] +control +network +compute +storage +monitoring + +# You can explicitly specify which hosts run each project by updating the +# groups in the sections below. Common services are grouped together. +[collectd:children] +compute + +[grafana:children] +monitoring + +[etcd:children] +control + +[influxdb:children] +monitoring + +[kibana:children] +control + +[telegraf:children] +monitoring + +[elasticsearch:children] +control + +[haproxy:children] +network + +[mariadb:children] +control + +[rabbitmq:children] +control + +[mongodb:children] +control + +[keystone:children] +control + +[glance:children] +control + +[nova:children] +control + +[neutron:children] +network + +[cinder:children] +control + +[cloudkitty:children] +control + +[memcached:children] +control + +[horizon:children] +control + +[swift:children] +control + +[barbican:children] +control + +[heat:children] +control + +[murano:children] +control + +[ironic:children] +control + +[ceph:children] +control + +[magnum:children] +control + +[sahara:children] +control + +[mistral:children] +control + +[manila:children] +control + +[ceilometer:children] +control + +[aodh:children] +control + +[congress:children] +control + +[gnocchi:children] +control + +# Tempest +[tempest:children] +control + +[senlin:children] +control + +[vmtp:children] +control + +[watcher:children] +control + +[rally:children] +control + +# Additional control implemented here. These groups allow you to control which +# services run on which hosts at a per-service level. +# +# Word of caution: Some services are required to run on the same host to +# function appropriately. For example, neutron-metadata-agent must run on the +# same host as the l3-agent and (depending on configuration) the dhcp-agent. + +# Glance +[glance-api:children] +glance + +[glance-registry:children] +glance + +# Nova +[nova-api:children] +nova + +[nova-conductor:children] +nova + +[nova-consoleauth:children] +nova + +[nova-novncproxy:children] +nova + +[nova-scheduler:children] +nova + +[nova-spicehtml5proxy:children] +nova + +[nova-compute-ironic:children] +nova + +# Neutron +[neutron-server:children] +control + +[neutron-dhcp-agent:children] +neutron + +[neutron-l3-agent:children] +neutron + +[neutron-lbaas-agent:children] +neutron + +[neutron-metadata-agent:children] +neutron + +[neutron-vpnaas-agent:children] +neutron + +# Ceph +[ceph-mon:children] +ceph + +[ceph-rgw:children] +ceph + +[ceph-osd:children] +storage + +# Cinder +[cinder-api:children] +cinder + +[cinder-backup:children] +storage + +[cinder-scheduler:children] +cinder + +[cinder-volume:children] +storage + +# Cloudkitty +[cloudkitty-api:children] +cloudkitty + +[cloudkitty-processor:children] +cloudkitty + +# iSCSI +[iscsid:children] +compute +storage +ironic-conductor + +[tgtd:children] +storage + +# Manila +[manila-api:children] +manila + +[manila-scheduler:children] +manila + +[manila-share:children] +network + +# Swift +[swift-proxy-server:children] +swift + +[swift-account-server:children] +storage + +[swift-container-server:children] +storage + +[swift-object-server:children] +storage + +# Barbican +[barbican-api:children] +barbican + +[barbican-keystone-listener:children] +barbican + +[barbican-worker:children] +barbican + +# Heat +[heat-api:children] +heat + +[heat-api-cfn:children] +heat + +[heat-engine:children] +heat + +# Murano +[murano-api:children] +murano + +[murano-engine:children] +murano + +# Ironic +[ironic-api:children] +ironic + +[ironic-conductor:children] +ironic + +[ironic-inspector:children] +ironic + +[ironic-pxe:children] +ironic + +# Magnum +[magnum-api:children] +magnum + +[magnum-conductor:children] +magnum + +# Sahara +[sahara-api:children] +sahara + +[sahara-engine:children] +sahara + +# Mistral +[mistral-api:children] +mistral + +[mistral-executor:children] +mistral + +[mistral-engine:children] +mistral + +# Ceilometer +[ceilometer-api:children] +ceilometer + +[ceilometer-central:children] +ceilometer + +[ceilometer-notification:children] +ceilometer + +[ceilometer-collector:children] +ceilometer + +[ceilometer-compute:children] +compute + +# Aodh +[aodh-api:children] +aodh + +[aodh-evaluator:children] +aodh + +[aodh-listener:children] +aodh + +[aodh-notifier:children] +aodh + +# Congress +[congress-api:children] +congress + +[congress-datasource:children] +congress + +[congress-policy-engine:children] +congress + +# Gnocchi +[gnocchi-api:children] +gnocchi + +[gnocchi-statsd:children] +gnocchi + +[gnocchi-metricd:children] +gnocchi + +# Multipathd +[multipathd:children] +compute + +# Watcher +[watcher-api:children] +watcher + +[watcher-engine:children] +watcher + +[watcher-applier:children] +watcher + +# Senlin +[senlin-api:children] +senlin + +[senlin-engine:children] +senlin +EOF + + my_ip=$(ip route get 192.168.0.1 | awk '{ print $5 }') + vip=$(python -c "import netaddr; a = netaddr.IPAddress('$my_ip'); print a+1") + my_intf=$(ip route get 192.168.0.1 | awk '{ print $3 }') + + cp /usr/share/kolla/etc_examples/kolla/* /etc/kolla + cat >> /etc/kolla/globals.yml << EOF +################################################## +# Begin overrides +################################################## + +# OpenStack distro +kolla_base_distro: "centos" +kolla_install_type: "binary" +openstack_release: "3.0.1" + +# Networking +kolla_internal_vip_address: "${vip}" +network_interface: "${my_intf}" + +# TLS +#kolla_enable_tls_external: "no" +#kolla_external_fqdn_cert: "{{ node_config_directory }}/certificates/haproxy.pem" + +# Services +enable_ironic: "yes" +EOF + + # Generate passwords + kolla-genpwd + + # Configure Kolla build + cat > /etc/kolla/template-override.j2 << EOF +{% extends parent_template %} + +# Disable troublesome keys +{% set base_yum_repo_keys_override=['http://yum.mariadb.org/RPM-GPG-KEY-MariaDB'] %} +# Disable repos with troublesome keys +{% set base_yum_repo_files_override=['MariaDB.repo'] %} +EOF + cat > /etc/kolla/kolla-build.conf << EOF +[DEFAULT] +template_override=/etc/kolla/template-override.j2 +EOF + + # Configure Bifrost + mkdir /etc/kolla/config/bifrost + cat > /etc/kolla/config/bifrost/bifrost.yml << EOF +--- +EOF + cat > /etc/kolla/config/bifrost/dib.yml << EOF +--- +dib_os_element: "centos7" +EOF + cat > /etc/kolla/config/bifrost/servers.yml << EOF +--- +EOF +} + +function bootstrap_seed_kolla { + # Bootstrap seed node + kolla-ansible bootstrap-servers -i /etc/kolla/inventory/seed -e ansible_user=$(whoami) + ansible seed -i /etc/kolla/inventory/seed -b -m authorized_key -a "user=kolla key='$(cat ~/.ssh/id_rsa.pub)'" -e ansible_user=$(whoami) + ansible seed -i /etc/kolla/inventory/seed -b -m user -a "name=$(whoami) groups=kolla,docker append=true" + ansible seed -i /etc/kolla/inventory/seed -m command -a 'docker info' + # Enable NTPd + ansible seed -i /etc/kolla/inventory/seed -b -m service -a 'name=ntpd state=started enabled=yes' +} + +function configure_seed_docker { + # TODO + echo "TODO: configure docker on seed" +} + +function deploy_bifrost { + if true ; then + # Build Bifrost image + # FIXME: sudo required because we need to log out/in for docker group + # membership to take effect. + sudo kolla-build -t source bifrost-deploy + else + # Image on Dockerhub not currently working :( + docker pull docker.io/kolla/centos-source-bifrost-deploy:3.0.1 + fi + + # Deploy Bifrost + kolla-ansible deploy-bifrost -i /etc/kolla/inventory/seed -e kolla_install_type=source +} + +function deploy_seed_node { + configure_seed_os + install_kolla + configure_kolla + bootstrap_seed_kolla + configure_seed_docker + deploy_bifrost +} + +########################################################### +# Main + +function main { + if [[ $# -ne 1 ]]; then + echo "Usage: $0 " + exit 1 + fi + CONTROLLER_IP=$1 + deploy_seed_node +} + +main $*