Update MNAIO to deploy systemd-networkd

With bionic we need to switch to systemd-networkd rather
than the legacy /e/n/i.  This makes the mnaio host networkd only,
since we will only be supporting xenial and beyond on the host we
can do this.  The VMs will detect the networking configuration
daemon and act appropriately.  This also brings up the IPs on
the bridges without having any interfaces attached.

Change-Id: I72283a2786316181f7ab7d8aad21ad456e9c9503
Dave Wilde 2018-10-09 23:21:52 -05:00
parent cad0efe3f7
commit 28cdc6e72e
21 changed files with 199 additions and 846 deletions


@ -110,55 +110,74 @@
owner: root
group: root
- name: Generate PXE network scripts for Debian Family
- name: Register network_setup fact
set_fact:
network_setup: "{{ images[default_vm_image]['network_setup'] }}"
# ENI Block
- name: Generate guest networking scripts for /e/n/i family
template:
src: "pxe/configs/debian/{{ item.src }}"
src: "pxe/configs/eni/vm-bridges.cfg.j2"
dest: /var/www/pxe/networking/{{ hostvars[item]['server_hostname'] }}-bridges.cfg
mode: "0644"
owner: root
group: root
with_items: "{{ groups['pxe_servers'] }}"
when: network_setup | lower == "eni"
- name: Generate post-install network scripts for /e/n/i family
template:
src: "pxe/configs/eni/{{ item.src }}"
dest: /var/www/pxe/{{ item.dir }}/{{ item.dest }}
mode: "0644"
owner: root
group: root
with_items:
- src: basic-interface.cfg
dest: "basic-debian-interface.cfg"
dest: basic-debian-interface.cfg
dir: networking
- src: vm-post-install-script.sh.j2
dest: "vm-post-install-debian-script.sh"
- src: eni-post-network-script.sh.j2
dest: vm-post-network-script.sh
dir: scripts
- src: general-post-install-script.sh.j2
dest: "general-post-install-debian-script.sh"
dir: scripts
when: images[default_vm_image]['image_type'] | lower == "debian"
when: network_setup | lower == "eni"
- name: Generate guest networking scripts for Debian Family
# Systemd-networkd Block
- name: Generate vm network scripts for systemd-network family
template:
src: "pxe/configs/debian/vm-bridges.cfg.j2"
dest: /var/www/pxe/networking/{{ hostvars[item]['server_hostname'] }}-bridges.cfg
src: "pxe/configs/systemd-networkd/systemd-network.sh.j2"
dest: /var/www/pxe/networking/{{ hostvars[item]['server_hostname'] }}-systemd-network.sh
mode: "0644"
owner: root
group: root
with_items: "{{ groups['pxe_servers'] }}"
when: network_setup | lower == "systemd-networkd"
- name: Generate post-install networks scripts for systemd-networkd family
template:
src: "pxe/configs/systemd-networkd/systemd-networkd-post-network-script.sh.j2"
dest: /var/www/pxe/scripts/vm-post-network-script.sh
mode: "0644"
owner: root
group: root
with_items: "{{ groups['pxe_servers'] }}"
when: network_setup | lower == "systemd-networkd"
# Debian Block
- name: Generate post-install scripts for Debian family
template:
src: "pxe/configs/debian/vm-post-install-script.sh.j2"
dest: /var/www/pxe/scripts/vm-post-install-debian-script.sh
mode: "0644"
owner: root
group: root
with_items: "{{ groups['pxe_servers'] }}"
when: images[default_vm_image]['image_type'] | lower == "debian"
- name: Generate PXE network scripts for RedHat Family
# Redhat Block
- name: Generate post-install scripts for RedHat family
template:
src: "pxe/configs/redhat/{{ item.src }}"
dest: /var/www/pxe/{{ item.dir }}/{{ item.dest }}
mode: "0644"
owner: root
group: root
with_items:
- src: vm-post-install-script.sh.j2
dest: "vm-post-install-redhat-script.sh"
dir: scripts
- src: general-post-install-script.sh.j2
dest: "general-post-install-redhat-script.sh"
dir: scripts
when: images[default_vm_image]['image_type'] | lower == "redhat"
- name: Generate systemd-network scripts for Red Hat Family
template:
src: "pxe/configs/redhat/systemd-network.sh.j2"
dest: /var/www/pxe/networking/{{ hostvars[item]['server_hostname'] }}-systemd-network.sh
src: "pxe/configs/redhat/vm-post-install-script.sh.j2"
dest: /var/www/pxe/scripts/vm-post-install-redhat-script.sh
mode: "0644"
owner: root
group: root
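Review bot: `network_setup` is only ever compared with two literals, so an image whose value is misspelled or new (anything other than `eni` or `systemd-networkd`) makes every networking task in this hunk skip without an error. In that case `/var/www/pxe/scripts/vm-post-network-script.sh` is not regenerated, and a guest would fetch a missing or stale script from the PXE web root. An `assert` task placed right after the `set_fact`, with `that: network_setup | lower in ['eni', 'systemd-networkd']`, would fail the play early instead. The tasks that loop over `groups['pxe_servers']` but write a fixed `dest` also appear to render the same file once per host; confirm the loop is still wanted there.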


@ -48,6 +48,7 @@ tftp_port: 69
images:
ubuntu-18.04-amd64:
image_type: "debian"
network_setup: "systemd-networkd"
image_os: "ubuntu"
image-version: "bionic"
image_kernel_options: "biosdevname=0 net.ifnames=0 auto=true priority=critical"
@ -62,6 +63,7 @@ images:
template_name: "vm-compute.config"
ubuntu-16.04-amd64:
image_type: "debian"
network_setup: "eni"
image_os: "ubuntu"
image-version: "xenial"
image_kernel_options: "biosdevname=0 net.ifnames=0 auto=true priority=critical"
@ -76,6 +78,7 @@ images:
template_name: "vm-compute.config"
ubuntu-14.04-amd64:
image_type: "debian"
network_setup: "eni"
image_os: "ubuntu"
image_version: "trusty"
image_kernel_options: "biosdevname=0 net.ifnames=0 auto=true priority=critical quiet splash"
@ -90,6 +93,7 @@ images:
template_name: "vm-compute.config"
centos-7-amd64:
image_type: "redhat"
network_setup: "systemd-networkd"
image_version: 7
image_netboot_kernel_url: "http://mirrors.edge.kernel.org/centos/7/os/x86_64/images/pxeboot/vmlinuz"
image_netboot_initrd_url: "http://mirrors.edge.kernel.org/centos/7/os/x86_64/images/pxeboot/initrd.img"


@ -0,0 +1,3 @@
[NetDev]
Name={{ item.value.iface }}
Kind=bridge


@ -0,0 +1,16 @@
[Match]
Name={{ item.value.iface }}
[Network]
IPForward=yes
ConfigureWithoutCarrier=true
{% if item.value.address is defined %}
Address={{ item.value.address }}
{% endif %}
{% if item.value.address_aliases is defined %}
[Address]
{% for addr in item.value.address_aliases %}
Address={{ addr }}
{% endfor %}
{% endif %}
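Review bot: All alias addresses are emitted as repeated `Address=` keys under a single `[Address]` header, and systemd.network(5) describes one address per `[Address]` section ("specify several [Address] sections to configure several addresses"), so with more than one entry in `address_aliases` probably only one alias is applied. Moving the header inside the loop, i.e. `{% for addr in item.value.address_aliases %}` followed by `[Address]` and `Address={{ addr }}`, gives each alias its own section. Separately, `IPForward=yes` is set on every bridge this template renders and, as far as I know, switches on the host-wide forwarding sysctl; a one-line comment such as `# forwarding is required on the MNAIO host for guest traffic` would make that intent explicit.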


@ -1,234 +0,0 @@
# Ubuntu Server Preseed
# Kernel Options
# Use the following option to add additional boot parameters for the
# installed system (if supported by the bootloader installer).
# Note: options passed to the installer will be added automatically.
d-i debian-installer/add-kernel-opts string biosdevname=0 net.ifnames=0 elevator=cfq
# Networking
d-i netcfg/choose_interface select eth0
d-i netcfg/dhcp_timeout string 60
d-i netcfg/get_hostname string host1
d-i netcfg/get_domain string host1.openstack.local
## USE THIS FOR STATIC NETWORKING
# d-i netcfg/disable_autoconfig boolean true
# d-i netcfg/dhcp_failed note
# d-i netcfg/dhcp_options select Configure network manually
# # Static network configuration.
# d-i netcfg/get_ipaddress string 10.0.0.100
# d-i netcfg/get_netmask string 255.255.255.0
# d-i netcfg/get_gateway string 10.0.0.200
# d-i netcfg/get_nameservers string 8.8.8.8
# d-i netcfg/confirm_static boolean true
## USE THIS FOR STATIC NETWORKING
# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string
# Pre Install
# Command Line 1: This is necessary otherwise you will be prompted to umount /dev/sda. See Ubuntu bug #1347726.
d-i preseed/early_command string \
umount /media || true
# The kernel image (meta) package to be installed; "none" can be used if no
# kernel is to be installed.
d-i base-installer/kernel/image string {{ default_ubuntu_kernel }}
# Localization
d-i debian-installer/locale string en
d-i debian-installer/country string US
d-i debian-installer/locale string en_US.UTF-8
d-i debian-installer/language string en
# Keyboard
# Disable automatic (interactive) keymap detection.
d-i console-setup/ask_detect boolean false
d-i console-setup/layoutcode string us
d-i console-setup/variantcode string
d-i keyboard-configuration/layoutcode string us
# Mirror
d-i mirror/country string manual
d-i mirror/http/proxy string {{ default_ubuntu_mirror_proxy }}
d-i mirror/http/hostname string {{ default_ubuntu_mirror_hostname }}
d-i mirror/http/directory string {{ default_ubuntu_mirror_directory }}
# Clock and Time Zone
# Controls whether to use NTP to set the clock during the install
d-i clock-setup/ntp boolean true
d-i clock-setup/ntp-server string ntp.ubuntu.com
# You may set this to any valid setting for TZ; see the contents of
# /usr/share/zoneinfo/ for valid values.
d-i time/zone string US/Central
# Controls whether or not the hardware clock is set to UTC.
d-i clock-setup/utc boolean true
# Partitioning
# If one of the disks that are going to be automatically partitioned
# contains an old LVM configuration, the user will normally receive a
# warning. This can be preseeded away...
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/device_remove_lvm_span boolean true
d-i partman-auto/purge_lvm_from_device boolean true
# The same applies to pre-existing software RAID array:
d-i partman-md/device_remove_md boolean true
# And the same goes for the confirmation to write the lvm partitions.
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-md/confirm boolean true
d-i partman-md/confirm_nooverwrite boolean true
d-i partman-basicfilesystems/choose_label string gpt
d-i partman-basicfilesystems/default_label string gpt
d-i partman-partitioning/choose_label string gpt
d-i partman-partitioning/default_label string gpt
d-i partman/choose_label string gpt
d-i partman/default_label string gpt
d-i partman-auto/method string lvm
d-i partman-auto/disk string /dev/sda
# For LVM partitioning, you can select how much of the volume group to use
# for logical volumes.
d-i partman-auto-lvm/guided_size string max
d-i partman-auto-lvm/new_vg_name string vg00
d-i partman-auto/choose_recipe select custompartitioning
d-i partman-auto/expert_recipe string \
custompartitioning :: \
512 1 512 ext2 \
$primary{ } \
$bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext2 } \
label{ boot } \
mountpoint{ /boot } \
. \
1024 1 100% ext4 \
$primary{ } \
method{ lvm } \
device{ /dev/sda2 } \
vg_name{ vg00 } \
. \
2048 1 4096 linux-swap \
$lvmok{ } in_vg{ vg00 } \
lv_name{ swap00 } \
method{ swap } format{ } \
. \
8192 1 16384 ext4 \
$lvmok{ } in_vg{ vg00 } \
lv_name{ root00 } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
label{ root } \
mountpoint{ / } \
. \
16384 1 16384 ext4 \
$lvmok{ } in_vg{ vg00 } \
lv_name{ openstack00 } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
label{ openstack } \
mountpoint{ /openstack } \
. \
16384 1 10240000 ext4 \
$lvmok{ } in_vg{ vg00 } \
lv_name{ nova00 } \
method{ format } format{ } \
use_filesystem{ } filesystem{ xfs } \
label{ nova } \
mountpoint{ /var/lib/nova } \
. \
# This makes partman automatically partition without confirmation, provided
# that you told it what to do using one of the methods above.
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
# Packages
# Package selection
tasksel tasksel/first multiselect openssh-server
# Whether to upgrade packages after debootstrap.
# Allowed values: none, safe-upgrade, full-upgrade
d-i pkgsel/upgrade select full-upgrade
d-i pkgsel/include string bridge-utils \
dstat \
ethtool \
git \
htop \
ifenslave \
libvirt-bin \
lvm2 \
openssh-server \
parted \
python3-all \
python-all \
qemu-kvm \
systemd-container \
tmux \
vim \
virt-manager \
virtinst \
vlan
d-i pkgsel/update-policy select none
# Some versions of the installer can report back on what software you have
# installed, and what software you use. The default is not to report back,
# but sending reports helps the project determine what software is most
# popular and include it on CDs.
popularity-contest popularity-contest/participate boolean false
# Users and Password
# Skip creation of a root account (normal user account will be able to
# use sudo). The default is false; preseed this to true if you want to set
# a root password.
d-i passwd/root-login boolean true
# Alternatively, to skip creation of a normal user account.
d-i passwd/make-user boolean false
# The installer will warn about weak passwords. If you are sure you know
# what you're doing and want to override it, uncomment this.
d-i user-setup/allow-password-weak boolean true
# Root password, either in clear text
d-i passwd/root-password password secrete
d-i passwd/root-password-again password secrete
# Bootloader
# This is fairly safe to set, it makes grub install automatically to the MBR
# if no other operating system is detected on the machine.
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i grub-installer/bootdev string default
# Post Install
d-i preseed/late_command string \
in-target bash -c "wget --no-proxy http://{{ tftp_server }}/scripts/general-post-install-debian-script.sh -O /opt/general-post-install-script.sh"; \
in-target bash -c 'chmod +x /opt/general-post-install-script.sh'; \
in-target bash -c '/opt/general-post-install-script.sh'
# Finish
# Reboot after the install is finished.
d-i finish-install/reboot_in_progress note


@ -1,15 +0,0 @@
#!/usr/bin/env bash
apt-get remove --purge snap* lxc* lxd* || true
sed -i 's/\(GRUB_CMDLINE_LINUX_DEFAULT=\).*/\1\"\"/g' /target/etc/default/grub
update-grub
sed -i '/PermitRootLogin / s/ .*/ yes/' /etc/ssh/sshd_config
mkdir -p /root/.ssh
chmod 0700 /root/.ssh
echo "{{ tftp_ssh_key }}" >> /root/.ssh/authorized_keys
wget --no-proxy http://{{ tftp_server }}/networking/$(cat /etc/hostname)-bridges.cfg -O /etc/network/interfaces.d/general-bridges.cfg
wget --no-proxy http://{{ tftp_server }}/networking/basic-debian-interface.cfg -O /etc/network/interfaces


@ -1,234 +0,0 @@
# Ubuntu Server Preseed
# Kernel Options
# Use the following option to add additional boot parameters for the
# installed system (if supported by the bootloader installer).
# Note: options passed to the installer will be added automatically.
d-i debian-installer/add-kernel-opts string biosdevname=0 net.ifnames=0 elevator=cfq
# Networking
d-i netcfg/choose_interface select eth0
d-i netcfg/dhcp_timeout string 60
d-i netcfg/get_hostname string host1
d-i netcfg/get_domain string host1.openstack.local
## USE THIS FOR STATIC NETWORKING
# d-i netcfg/disable_autoconfig boolean true
# d-i netcfg/dhcp_failed note
# d-i netcfg/dhcp_options select Configure network manually
# # Static network configuration.
# d-i netcfg/get_ipaddress string 10.0.0.100
# d-i netcfg/get_netmask string 255.255.255.0
# d-i netcfg/get_gateway string 10.0.0.200
# d-i netcfg/get_nameservers string 8.8.8.8
# d-i netcfg/confirm_static boolean true
## USE THIS FOR STATIC NETWORKING
# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string
# Pre Install
# Command Line 1: This is necessary otherwise you will be prompted to umount /dev/sda. See Ubuntu bug #1347726.
d-i preseed/early_command string \
umount /media || true
# The kernel image (meta) package to be installed; "none" can be used if no
# kernel is to be installed.
d-i base-installer/kernel/image string {{ default_ubuntu_kernel }}
# Localization
d-i debian-installer/locale string en
d-i debian-installer/country string US
d-i debian-installer/locale string en_US.UTF-8
d-i debian-installer/language string en
# Keyboard
# Disable automatic (interactive) keymap detection.
d-i console-setup/ask_detect boolean false
d-i console-setup/layoutcode string us
d-i console-setup/variantcode string
d-i keyboard-configuration/layoutcode string us
# Mirror
d-i mirror/country string manual
d-i mirror/http/proxy string {{ default_ubuntu_mirror_proxy }}
d-i mirror/http/hostname string {{ default_ubuntu_mirror_hostname }}
d-i mirror/http/directory string {{ default_ubuntu_mirror_directory }}
# Clock and Time Zone
# Controls whether to use NTP to set the clock during the install
d-i clock-setup/ntp boolean true
d-i clock-setup/ntp-server string ntp.ubuntu.com
# You may set this to any valid setting for TZ; see the contents of
# /usr/share/zoneinfo/ for valid values.
d-i time/zone string US/Central
# Controls whether or not the hardware clock is set to UTC.
d-i clock-setup/utc boolean true
# Partitioning
# If one of the disks that are going to be automatically partitioned
# contains an old LVM configuration, the user will normally receive a
# warning. This can be preseeded away...
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/device_remove_lvm_span boolean true
d-i partman-auto/purge_lvm_from_device boolean true
# The same applies to pre-existing software RAID array:
d-i partman-md/device_remove_md boolean true
# And the same goes for the confirmation to write the lvm partitions.
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-md/confirm boolean true
d-i partman-md/confirm_nooverwrite boolean true
d-i partman-basicfilesystems/choose_label string gpt
d-i partman-basicfilesystems/default_label string gpt
d-i partman-partitioning/choose_label string gpt
d-i partman-partitioning/default_label string gpt
d-i partman/choose_label string gpt
d-i partman/default_label string gpt
d-i partman-auto/method string lvm
d-i partman-auto/disk string /dev/sda
# For LVM partitioning, you can select how much of the volume group to use
# for logical volumes.
d-i partman-auto-lvm/guided_size string max
d-i partman-auto-lvm/new_vg_name string vg00
d-i partman-auto/choose_recipe select custompartitioning
d-i partman-auto/expert_recipe string \
custompartitioning :: \
512 1 512 ext2 \
$primary{ } \
$bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext2 } \
label{ boot } \
mountpoint{ /boot } \
. \
1024 1 100% ext4 \
$primary{ } \
method{ lvm } \
device{ /dev/sda2 } \
vg_name{ vg00 } \
. \
2048 1 4096 linux-swap \
$lvmok{ } in_vg{ vg00 } \
lv_name{ swap00 } \
method{ swap } format{ } \
. \
8192 1 16384 ext4 \
$lvmok{ } in_vg{ vg00 } \
lv_name{ root00 } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
label{ root } \
mountpoint{ / } \
. \
16384 1 16384 ext4 \
$lvmok{ } in_vg{ vg00 } \
lv_name{ openstack00 } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
label{ openstack } \
mountpoint{ /openstack } \
. \
16384 1 10240000 ext4 \
$lvmok{ } in_vg{ vg00 } \
lv_name{ nova00 } \
method{ format } format{ } \
use_filesystem{ } filesystem{ btrfs } \
label{ nova } \
mountpoint{ /var/lib/machines } \
. \
# This makes partman automatically partition without confirmation, provided
# that you told it what to do using one of the methods above.
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
# Packages
# Package selection
tasksel tasksel/first multiselect openssh-server
# Whether to upgrade packages after debootstrap.
# Allowed values: none, safe-upgrade, full-upgrade
d-i pkgsel/upgrade select full-upgrade
d-i pkgsel/include string bridge-utils \
dstat \
ethtool \
git \
htop \
ifenslave \
libvirt-bin \
lvm2 \
openssh-server \
parted \
python3-all \
python-all \
qemu-kvm \
systemd-container \
tmux \
vim \
virt-manager \
virtinst \
vlan
d-i pkgsel/update-policy select none
# Some versions of the installer can report back on what software you have
# installed, and what software you use. The default is not to report back,
# but sending reports helps the project determine what software is most
# popular and include it on CDs.
popularity-contest popularity-contest/participate boolean false
# Users and Password
# Skip creation of a root account (normal user account will be able to
# use sudo). The default is false; preseed this to true if you want to set
# a root password.
d-i passwd/root-login boolean true
# Alternatively, to skip creation of a normal user account.
d-i passwd/make-user boolean false
# The installer will warn about weak passwords. If you are sure you know
# what you're doing and want to override it, uncomment this.
d-i user-setup/allow-password-weak boolean true
# Root password, either in clear text
d-i passwd/root-password password secrete
d-i passwd/root-password-again password secrete
# Bootloader
# This is fairly safe to set, it makes grub install automatically to the MBR
# if no other operating system is detected on the machine.
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i grub-installer/bootdev string default
# Post Install
d-i preseed/late_command string \
in-target bash -c "wget --no-proxy http://{{ tftp_server }}/scripts/general-post-install-debian-script.sh -O /opt/general-post-install-script.sh"; \
in-target bash -c 'chmod +x /opt/general-post-install-script.sh'; \
in-target bash -c '/opt/general-post-install-script.sh'
# Finish
# Reboot after the install is finished.
d-i finish-install/reboot_in_progress note


@ -1,31 +0,0 @@
# Physical interface, could be bond. This only needs to be set once
{% for key, value in mnaio_host_networks.items() %}
{% if value.iface_port != 'none' %}
auto {{ value.iface_port }}
iface {{ value.iface_port }} inet manual
{% endif %}
{% endfor %}
{% for key, value in mnaio_host_networks.items() %}
auto {{ value.iface }}
iface {{ value.iface }} inet {{ value.inet_type }}
bridge_stp off
bridge_waitport {{ value.iface_port == 'none' | ternary('0', '10') }}
bridge_fd 0
bridge_ports {{ value.iface_port }}
offload-sg off
{% if value.address is defined %}
address {{ value.address }}
{% endif %}
{% if value.address_aliases is defined %}
{% for addr in value.address_aliases %}
auto {{ value.iface }}
iface {{ value.iface }} inet static
address {{ addr }}
{% endfor %}
{% endif %}
{% endfor %}


@ -1,15 +0,0 @@
#!/usr/bin/env bash
apt-get remove --purge snap* lxc* lxd* || true
sed -i 's/\(GRUB_CMDLINE_LINUX_DEFAULT=\).*/\1\"\"/g' /target/etc/default/grub
update-grub
sed -i '/PermitRootLogin / s/ .*/ yes/' /etc/ssh/sshd_config
mkdir -p /root/.ssh
chmod 0700 /root/.ssh
echo "{{ tftp_ssh_key }}" >> /root/.ssh/authorized_keys
wget --no-proxy http://{{ tftp_server }}/networking/mnaio-bridges.cfg -O /etc/network/interfaces.d/mnaio-bridges.cfg
wget --no-proxy http://{{ tftp_server }}/networking/basic-debian-interface.cfg -O /etc/network/interfaces


@ -1,244 +0,0 @@
# Ubuntu Server Preseed
# Kernel Options
# Use the following option to add additional boot parameters for the
# installed system (if supported by the bootloader installer).
# Note: options passed to the installer will be added automatically.
d-i debian-installer/add-kernel-opts string biosdevname=0 net.ifnames=0 elevator=cfq
# Networking
d-i netcfg/choose_interface select eth0
d-i netcfg/dhcp_timeout string 60
d-i netcfg/get_hostname string host1
d-i netcfg/get_domain string host1.openstack.local
## USE THIS FOR STATIC NETWORKING
# d-i netcfg/disable_autoconfig boolean true
# d-i netcfg/dhcp_failed note
# d-i netcfg/dhcp_options select Configure network manually
# # Static network configuration.
# d-i netcfg/get_ipaddress string 10.0.0.100
# d-i netcfg/get_netmask string 255.255.255.0
# d-i netcfg/get_gateway string 10.0.0.200
# d-i netcfg/get_nameservers string 8.8.8.8
# d-i netcfg/confirm_static boolean true
## USE THIS FOR STATIC NETWORKING
# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string
# Pre Install
# Command Line 1: This is necessary otherwise you will be prompted to umount /dev/sda. See Ubuntu bug #1347726.
d-i preseed/early_command string \
umount /media || true
# The kernel image (meta) package to be installed; "none" can be used if no
# kernel is to be installed.
d-i base-installer/kernel/image string {{ default_ubuntu_kernel }}
# Localization
d-i debian-installer/locale string en
d-i debian-installer/country string US
d-i debian-installer/locale string en_US.UTF-8
d-i debian-installer/language string en
# Keyboard
# Disable automatic (interactive) keymap detection.
d-i console-setup/ask_detect boolean false
d-i console-setup/layoutcode string us
d-i console-setup/variantcode string
d-i keyboard-configuration/layoutcode string us
# Mirror
d-i mirror/country string manual
d-i mirror/http/proxy string {{ default_ubuntu_mirror_proxy }}
d-i mirror/http/hostname string {{ default_ubuntu_mirror_hostname }}
d-i mirror/http/directory string {{ default_ubuntu_mirror_directory }}
# Clock and Time Zone
# Controls whether to use NTP to set the clock during the install
d-i clock-setup/ntp boolean true
d-i clock-setup/ntp-server string ntp.ubuntu.com
# You may set this to any valid setting for TZ; see the contents of
# /usr/share/zoneinfo/ for valid values.
d-i time/zone string US/Central
# Controls whether or not the hardware clock is set to UTC.
d-i clock-setup/utc boolean true
# Partitioning
# If one of the disks that are going to be automatically partitioned
# contains an old LVM configuration, the user will normally receive a
# warning. This can be preseeded away...
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/device_remove_lvm_span boolean true
d-i partman-auto/purge_lvm_from_device boolean true
# The same applies to pre-existing software RAID array:
d-i partman-md/device_remove_md boolean true
# And the same goes for the confirmation to write the lvm partitions.
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-auto/method string lvm
d-i partman-auto/disk string /dev/sda
# For LVM partitioning, you can select how much of the volume group to use
# for logical volumes.
d-i partman-auto-lvm/guided_size string max
d-i partman-auto-lvm/new_vg_name string vg00
d-i partman-auto/choose_recipe select custompartitioning
d-i partman-auto/expert_recipe string \
custompartitioning :: \
512 1 512 ext2 \
$primary{ } \
$bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext2 } \
label{ boot } \
mountpoint{ /boot } \
. \
1024 1 100% ext4 \
$primary{ } \
method{ lvm } \
device{ /dev/sda2 } \
vg_name{ vg00 } \
. \
2048 1 4096 linux-swap \
$lvmok{ } in_vg{ vg00 } \
lv_name{ swap00 } \
method{ swap } format{ } \
. \
8192 1 16384 ext4 \
$lvmok{ } in_vg{ vg00 } \
lv_name{ root00 } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
label{ root } \
mountpoint{ / } \
. \
16384 1 16384 ext4 \
$lvmok{ } in_vg{ vg00 } \
lv_name{ openstack00 } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
label{ openstack } \
mountpoint{ /openstack } \
. \
{% if default_container_tech == 'nspawn' %}
8192 1 24576 btrfs \
$lvmok{ } in_vg{ vg00 } \
lv_name{ machines00 } \
method{ format } format{ } \
use_filesystem{ } filesystem{ btrfs } \
label{ machines } \
mountpoint{ /var/lib/machines } \
. \
{% elif default_container_tech == 'lxc' %}
4096 1 8192 btrfs \
$lvmok{ } in_vg{ vg00 } \
lv_name{ machines00 } \
method{ format } format{ } \
use_filesystem{ } filesystem{ btrfs } \
label{ machines } \
mountpoint{ /var/lib/machines } \
. \
8192 1 10240000 ext4 \
$lvmok{ } in_vg{ vg00 } \
lv_name{ lxc00 } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
label{ lxc } \
mountpoint{ /var/lib/lxc } \
. \
{% endif %}
# This makes partman automatically partition without confirmation, provided
# that you told it what to do using one of the methods above.
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
# Packages
# Package selection
tasksel tasksel/first multiselect openssh-server
# Whether to upgrade packages after debootstrap.
# Allowed values: none, safe-upgrade, full-upgrade
d-i pkgsel/upgrade select full-upgrade
d-i pkgsel/include string bridge-utils \
dstat \
ethtool \
git \
htop \
ifenslave \
libvirt-bin \
lvm2 \
openssh-server \
parted \
python3-all \
python-all \
qemu-kvm \
systemd-container \
tmux \
vim \
virt-manager \
virtinst \
vlan
d-i pkgsel/update-policy select none
# Some versions of the installer can report back on what software you have
# installed, and what software you use. The default is not to report back,
# but sending reports helps the project determine what software is most
# popular and include it on CDs.
popularity-contest popularity-contest/participate boolean false
# Users and Password
# Skip creation of a root account (normal user account will be able to
# use sudo). The default is false; preseed this to true if you want to set
# a root password.
d-i passwd/root-login boolean true
# Alternatively, to skip creation of a normal user account.
d-i passwd/make-user boolean false
# The installer will warn about weak passwords. If you are sure you know
# what you're doing and want to override it, uncomment this.
d-i user-setup/allow-password-weak boolean true
# Root password, either in clear text
d-i passwd/root-password password secrete
d-i passwd/root-password-again password secrete
# Bootloader
# This is fairly safe to set, it makes grub install automatically to the MBR
# if no other operating system is detected on the machine.
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i grub-installer/bootdev string default
# Post Install
d-i preseed/late_command string \
in-target bash -c "wget --no-proxy http://{{ tftp_server }}/scripts/mnaio-post-install-debian-script.sh -O /opt/mnaio-post-install-script.sh"; \
in-target bash -c 'chmod +x /opt/mnaio-post-install-script.sh'; \
in-target bash -c '/opt/mnaio-post-install-script.sh'
# Finish
# Reboot after the install is finished.
d-i finish-install/reboot_in_progress note


@ -211,7 +211,9 @@ d-i grub-installer/only_debian boolean true
d-i preseed/late_command string \
in-target bash -c "wget --no-proxy http://{{ tftp_server }}/scripts/vm-post-install-debian-script.sh -O /opt/vm-post-install-script.sh"; \
in-target bash -c "wget --no-proxy http://{{ tftp_server }}/scripts/vm-post-network-script.sh -O /opt/vm-post-network-script.sh"; \
in-target bash -c 'chmod +x /opt/vm-post-install-script.sh'; \
in-target bash -c 'chmod +x /opt/vm-post-network-script.sh'; \
in-target bash -c '/opt/vm-post-install-script.sh'
# Finish
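Review bot: The added `wget` of `vm-post-network-script.sh` is joined to the following steps with `;`, so a failed download still reaches `chmod +x`, and because `wget -O` creates the output file anyway, the post-install script would later run an empty file as a silent no-op. Joining the `late_command` steps with `&&` rather than `;` should stop the chain at the failed fetch. The script is also pulled over plain HTTP from `{{ tftp_server }}` and run during install with no integrity check, which is only reasonable on an isolated PXE network; a comment stating that assumption, e.g. `# scripts are fetched unauthenticated; the PXE network must be trusted`, would help. The same applies to the identical hunk at `@ -242,7 +242,9`.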


@ -11,30 +11,4 @@ mkdir -p /root/.ssh
chmod 0700 /root/.ssh
echo "{{ tftp_ssh_key }}" >> /root/.ssh/authorized_keys
wget --no-proxy http://{{ tftp_server }}/networking/$(cat /etc/hostname)-bridges.cfg -O /etc/network/interfaces.d/vm-bridges.cfg
wget --no-proxy http://{{ tftp_server }}/networking/basic-debian-interface.cfg -O /etc/network/interfaces
# Trusty VMs seem to have their interfaces file overwritten after we write to
# it, so we make it immutable to ensure no further changes take place
# NOTE: We remove the immutable attr in deploy-vms.yml once the instance is up
# and accessible.
[[ "$(lsb_release -sc)" == "trusty" ]] && chattr +i /etc/network/interfaces
cat > /etc/network/if-up.d/post-up-rules <<EOF
#!/usr/bin/env bash
function iptables_filter_rule_add {
if ! iptables -w -t $1 -C $2;then
/sbin/iptables -w -t $1 -I $2
fi
}
# To ensure ssh checksum is correct
iptables_filter_rule_add "mangle" "POSTROUTING -p tcp --dport 22 -j CHECKSUM --checksum-fill"
# To provide internet connectivity to instances
iptables_filter_rule_add "nat" "POSTROUTING -o \$(ip route get 1 | awk '{print $5}') -j MASQUERADE"
# Make sure instances can talk to the metadata server
iptables_filter_rule_add "mangle" "POSTROUTING -p tcp --sport 80 -j CHECKSUM --checksum-fill"
EOF
chmod + /etc/network/if-up.d/post-up-rules
/opt/vm-post-network-script.sh


@ -242,7 +242,9 @@ d-i grub-installer/only_debian boolean true
d-i preseed/late_command string \
in-target bash -c "wget --no-proxy http://{{ tftp_server }}/scripts/vm-post-install-debian-script.sh -O /opt/vm-post-install-script.sh"; \
in-target bash -c "wget --no-proxy http://{{ tftp_server }}/scripts/vm-post-network-script.sh -O /opt/vm-post-network-script.sh"; \
in-target bash -c 'chmod +x /opt/vm-post-install-script.sh'; \
in-target bash -c 'chmod +x /opt/vm-post-network-script.sh'; \
in-target bash -c '/opt/vm-post-install-script.sh'
# Finish


@ -0,0 +1,30 @@
#!/usr/bin/env bash
wget --no-proxy http://{{ tftp_server }}/networking/$(cat /etc/hostname)-bridges.cfg -O /etc/network/interfaces.d/vm-bridges.cfg
wget --no-proxy http://{{ tftp_server }}/networking/basic-debian-interface.cfg -O /etc/network/interfaces
# Trusty VMs seem to have their interfaces file overwritten after we write to
# it, so we make it immutable to ensure no further changes take place
# NOTE: We remove the immutable attr in deploy-vms.yml once the instance is up
# and accessible.
[[ "$(lsb_release -sc)" == "trusty" ]] && chattr +i /etc/network/interfaces
cat > /etc/network/if-up.d/post-up-rules <<EOF
#!/usr/bin/env bash
function iptables_filter_rule_add {
if ! iptables -w -t $1 -C $2;then
/sbin/iptables -w -t $1 -I $2
fi
}
# To ensure ssh checksum is correct
iptables_filter_rule_add "mangle" "POSTROUTING -p tcp --dport 22 -j CHECKSUM --checksum-fill"
# To provide internet connectivity to instances
iptables_filter_rule_add "nat" "POSTROUTING -o \$(ip route get 1 | awk '{print $5}') -j MASQUERADE"
# Make sure instances can talk to the metadata server
iptables_filter_rule_add "mangle" "POSTROUTING -p tcp --sport 80 -j CHECKSUM --checksum-fill"
EOF
chmod + /etc/network/if-up.d/post-up-rules
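Review bot: The heredoc that writes `/etc/network/if-up.d/post-up-rules` uses an unquoted `EOF`, so `$1`, `$2` and the `$5` inside the awk program are expanded when this script writes the file, not when the hook runs. The call site shown earlier on the page passes no arguments, so the generated function would contain `iptables -w -t  -C` with no table or rule, and the awk program becomes `{print }`. Quoting the delimiter, `cat > /etc/network/if-up.d/post-up-rules <<'EOF'`, and dropping the backslash in `\$(ip route get 1 ...)` keeps the body literal. The last line, `chmod + /etc/network/if-up.d/post-up-rules`, names no permission bit, so the hook is never made executable; `chmod +x /etc/network/if-up.d/post-up-rules` looks like the intent. Both lines match the block removed from the post-install script earlier on the page, so the problem appears to predate this commit.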


@ -56,8 +56,8 @@ chmod 0600 /root/.ssh/authorized_keys
# set apt-cacher-ng proxy
sed -i '/\[main\]/a proxy={{ default_proxy_url }}' /etc/yum.conf
wget --no-proxy http://{{ tftp_server }}/scripts/general-post-install-redhat-script.sh -O /opt/general-post-install-script.sh
chmod +x /opt/general-post-install-script.sh
/opt/general-post-install-script.sh
wget --no-proxy http://{{ tftp_server }}/scripts/vm-post-install-redhat-script.sh -O /opt/vm-post-install-script.sh
chmod +x /opt/vm-post-install-script.sh
/opt/vm-post-install-script.sh
) > /root/post_install.log 2>&1
%end


@ -249,25 +249,35 @@
when:
- ansible_distribution | lower == 'ubuntu'
- name: Drop host network interfaces
- name: Deploy systemd-networkd bridge devices
template:
src: "pxe/configs/{{ ansible_os_family | lower }}/mnaio-bridges.cfg.j2"
dest: /etc/network/interfaces.d/mnaio-bridges.cfg
src: "mnaio_host/systemd-networkd-bridges-netdev.j2"
dest: /etc/systemd/network/{{ item.value.iface }}.netdev
mode: "0644"
owner: root
group: root
with_dict:
- "{{ mnaio_host_networks }}"
register: mnaio_bridges
- name: Ensure extra interfaces are sourced
lineinfile:
line: "source /etc/network/interfaces.d/*.cfg"
dest: "/etc/network/interfaces"
regexp: "^source /etc/network/interfaces.d/.*"
- name: Deploy systemd-networkd bridge networks
template:
src: "mnaio_host/systemd-networkd-bridges-network.j2"
dest: /etc/systemd/network/{{ item.value.iface }}.network
mode: "0644"
owner: root
group: root
with_dict:
- "{{ mnaio_host_networks }}"
register: mnaio_bridges
- name: Set the host interfaces up
command: "/sbin/ifup {{ item.value.iface }}"
with_dict: "{{ mnaio_host_networks }}"
when: mnaio_bridges is changed
- name: Restart the systemd-networkd daemon to load new networks
systemd:
name: systemd-networkd
daemon_reload: yes
state: restarted
when:
- mnaio_bridges is changed
- name: Disable default virt network
virt_net:
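Review bot: As rendered, both new template tasks use `register: mnaio_bridges`, so the `.network` result overwrites the `.netdev` result and the restart's `when: mnaio_bridges is changed` only sees the second task. A change confined to a `.netdev` file would then not restart systemd-networkd. Registering distinct names, e.g. `register: mnaio_bridges_netdev` and `register: mnaio_bridges_network`, and testing `mnaio_bridges_netdev is changed or mnaio_bridges_network is changed` (or notifying one shared handler) closes that gap. The new playbook that follows on this page repeats the duplicate `register` name, and `daemon_reload: yes` would read more predictably as `daemon_reload: true`. The `Disable default virt network` task at the end of the hunk continues outside it.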


@ -0,0 +1,66 @@
---
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in witing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Gather facts
hosts: vm_hosts
gather_facts: "{{ gather_facts | default(true) }}"
environment: "{{ deployment_environment_variables | default({}) }}"
tags:
- setup-host
tasks:
- name: Gather variables for each operating system
include_vars: "{{ item }}"
with_first_found:
- "{{ playbook_dir }}/vars/{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
- "{{ playbook_dir }}/vars/{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ playbook_dir }}/vars/{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
- "{{ playbook_dir }}/vars/{{ ansible_distribution | lower }}.yml"
- "{{ playbook_dir }}/vars/{{ ansible_os_family | lower }}.yml"
tags:
- always
- name: Check for networkd
set_fact:
networking_system: "systemd-networkd"
when:
- "ansible_distribution_major_version is version('18', '>=')"
- name: Fall back on /e/n/i
set_fact:
networking_system: "eni"
when:
- "ansible_distribution_major_version is version('18', '<')"
- name: Deploy systemd-networkd bridge devices
template:
src: "pxe/configs/{{ ansible_os_family | lower }}/systemd-networkd-bridges-netdev.j2"
dest: /tmp/{{ item.value.iface }}.netdev
mode: "0644"
owner: root
group: root
with_dict:
- "{{ mnaio_host_networks }}"
register: mnaio_bridges
- name: Deploy systemd-networkd bridge networks
template:
src: "pxe/configs/{{ ansible_os_family | lower }}/systemd-networkd-bridges-network.j2"
dest: /tmp/{{ item.value.iface }}.network
mode: "0644"
owner: root
group: root
with_dict:
- "{{ mnaio_host_networks }}"
register: mnaio_bridges