diff --git a/multi-node-aio-xenial-ansible/LICENSE.txt b/multi-node-aio-xenial-ansible/LICENSE.txt new file mode 100644 index 00000000..8863b74f --- /dev/null +++ b/multi-node-aio-xenial-ansible/LICENSE.txt @@ -0,0 +1,229 @@ +Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +------------------------------------------------------------------------------- + +The MIT License (MIT) + +Copyright (c) [year] [fullname] + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + +Files in this project licensed under the MIT license: + + - playbooks/plugins/callbacks/profile_tasks.py diff --git a/multi-node-aio-xenial-ansible/README.rst b/multi-node-aio-xenial-ansible/README.rst new file mode 100644 index 00000000..9f52d636 --- /dev/null +++ b/multi-node-aio-xenial-ansible/README.rst @@ -0,0 +1,15 @@ +OpenStack-Ansible Multi-Node AIO Xenial Ansible +################################################ +:date: 2016-02-23 +:tags: rackspace, openstack, ansible +:category: \*openstack, \*nix + + +About this repository +--------------------- + +This is a re-engineered version of the Multi-Node AIO Cobbler has been removed +and replaced with Ansible to do the deploy of the KVM virtual machines. With time the intent here is to +replace the bash which deploys this all with Ansible. + +Trusty will not be supported. diff --git a/multi-node-aio-xenial-ansible/build.sh b/multi-node-aio-xenial-ansible/build.sh new file mode 100755 index 00000000..37ebb65b --- /dev/null +++ b/multi-node-aio-xenial-ansible/build.sh @@ -0,0 +1,48 @@ +#!/usr/bin/env bash +set -eu +# Copyright [2016] [Kevin Carter] +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Load all functions +source functions.rc + +# bring in variable definitions if there is a variables.sh file +[[ -f variables.sh ]] && source variables.sh + +# Provide defaults for unset variables +# Set first two octets of network used for containers, storage, etc +NETWORK_BASE=${NETWORK_BASE:-172.29} + +# Instruct the system do all of the require host setup +SETUP_HOST=${SETUP_HOST:-true} +[[ "${SETUP_HOST}" = true ]] && source setup-host.sh + +SETUP_PXEBOOT=${SETUP_PXEBOOT:-true} +[[ "${SETUP_PXEBOOT}" = true ]] && source setup-pxeboot.sh + +# Instruct the system do all of the virsh setup +SETUP_VIRSH_NET=${SETUP_VIRSH_NET:-true} +[[ "${SETUP_VIRSH_NET}" = true ]] && source setup-virsh-net.sh + +# Instruct the system to create and boot all of the VMs +CREATE_VMS=${CREATE_VMS:-true} +[[ "${CREATE_VMS}" = true ]] && source no-cobbler-create-vms.sh + +# Instruct the system to configure all of the VMs +CONFIGURE_VMS=${CONFIGURE_VMS:-true} +[[ "${CONFIGURE_VMS}" = true ]] && source no-cobbler-configure-vms.sh + +# Instruct the system to deploy OpenStack Ansible +DEPLOY_OSA=${DEPLOY_OSA:-true} +[[ "${DEPLOY_OSA}" = true ]] && source deploy-osa.sh diff --git a/multi-node-aio-xenial-ansible/deploy-osa.sh b/multi-node-aio-xenial-ansible/deploy-osa.sh new file mode 100755 index 00000000..c18bcb28 --- /dev/null +++ b/multi-node-aio-xenial-ansible/deploy-osa.sh @@ -0,0 +1,150 @@ +#!/usr/bin/env bash +# Copyright [2016] [Kevin Carter] +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +MAX_RETRIES=${MAX_RETRIES:-5} + +# Load all functions +source functions.rc + +# bring in variable definitions if there is a variables.sh file +[[ -f variables.sh ]] && source variables.sh + +# Provide defaults for unset variables +# Set first two octets of network used for containers, storage, etc +NETWORK_BASE=${NETWORK_BASE:-172.29} + +# Reset the ssh-agent service to remove potential key issues +ssh_agent_reset + +# Install git and tmux for use within the OSA deploy +apt-get install -y git tmux + +# Clone the OSA source code +git clone https://git.openstack.org/openstack/openstack-ansible /opt/openstack-ansible || true + +# Ensure the "/etc/openstack_deploy" exists +mkdir_check "/etc/openstack_deploy" + +pushd /opt/openstack-ansible/ + # Fetch all current refs + git fetch --all + + # Checkout the OpenStack-Ansible branch + git checkout "${OSA_BRANCH:-master}" + + # Copy the etc files into place + cp -vR etc/openstack_deploy/* /etc/openstack_deploy/ +popd + +# Create a secondary static inventory for hosts +ansible_static_inventory "/opt/ansible-static-inventory.ini" + +# Create the OpenStack User Config +HOSTIP="$(ip route get 1 | awk '{print $NF;exit}')" +sed -e "s/__HOSTIP__/${HOSTIP}/g" -e "s/__NETWORK_BASE__/${NETWORK_BASE}/g" templates/openstack_user_config.yml > /etc/openstack_deploy/openstack_user_config.yml + +# Create the swift config: function group_name host_type +cp -v templates/osa-swift.yml /etc/openstack_deploy/conf.d/swift.yml + + +### =========== WRITE OF conf.d FILES =========== ### +# Setup cinder hosts: function group_name host_type +write_osa_general_confd storage-infra_hosts cinder +write_osa_cinder_confd storage_hosts cinder + +# Setup nova hosts: function group_name host_type +write_osa_general_confd compute_hosts nova_compute + +# Setup infra hosts: function group_name host_type +write_osa_general_confd identity_hosts infra +write_osa_general_confd repo-infra_hosts infra +write_osa_general_confd os-infra_hosts infra +write_osa_general_confd shared-infra_hosts infra + +# Setup logging hosts: function group_name host_type +write_osa_general_confd log_hosts logging + +# Setup network hosts: function group_name host_type +write_osa_general_confd network_hosts infra + +# Setup swift hosts: function group_name host_type +write_osa_swift_proxy_confd swift-proxy_hosts swift +write_osa_swift_storage_confd swift_hosts swift +### =========== END WRITE OF conf.d FILES =========== ### + +# Enable pre-config the OSA enviroment for deploying OSA. +PRE_CONFIG_OSA=${PRE_CONFIG_OSA:-true} +if [[ "${PRE_CONFIG_OSA}" = true ]]; then + pushd /opt/openstack-ansible/ + # Bootstrap ansible into the environment + bash ./scripts/bootstrap-ansible.sh + + # Generate the passwords for the environment + python ./scripts/pw-token-gen.py --file /etc/openstack_deploy/user_secrets.yml + + # This is happening so the VMs running the infra use less storage + osa_user_var_add lxc_container_backing_store 'lxc_container_backing_store: dir' + + # Tempest is being configured to use a known network + osa_user_var_add tempest_public_subnet_cidr 'tempest_public_subnet_cidr: '${NETWORK_BASE}'.248.0/22' + + # This makes running neutron in a distributed system easier and a lot less noisy + osa_user_var_add neutron_l2_population 'neutron_l2_population: True' + + # This makes the glance image store use swift instead of the file backend + osa_user_var_add glance_default_store 'glance_default_store: swift' + + # Propagate host proxy settings (if set) into /etc/environment in the targets + if [ -n "$http_proxy" ]; then + osa_user_var_add proxy_env_url 'proxy_env_url: '${http_proxy} + osa_user_var_add no_proxy_env 'no_proxy_env: "localhost,127.0.0.1,{{ internal_lb_vip_address }},{{ external_lb_vip_address }},{% for host in groups['\''all_containers'\''] %}{{ hostvars[host]['\''container_address'\''] }}{% if not loop.last %},{% endif %}{% endfor %}"' + osa_user_var_add global_environment_variables 'global_environment_variables:' + osa_user_var_add ' HTTP_PROXY:' ' HTTP_PROXY: "{{ proxy_env_url }}"' + osa_user_var_add ' HTTPS_PROXY:' ' HTTPS_PROXY: "{{ proxy_env_url }}"' + osa_user_var_add ' NO_PROXY:' ' NO_PROXY: "{{ no_proxy_env }}"' + osa_user_var_add ' http_proxy:' ' http_proxy: "{{ proxy_env_url }}"' + osa_user_var_add ' https_proxy:' ' https_proxy: "{{ proxy_env_url }}"' + osa_user_var_add ' no_proxy:' ' no_proxy: "{{ no_proxy_env }}"' + # Propagate proxy setting to glance api conf. Note the unusual format - instead of the typical + # http_proxy=http://proxy.example.com ; https_proxy=http://proxy.example.com + # it uses + # http:proxy.example.com, https:proxy.example.com + # + osa_user_var_add glance_glance_api_conf_overrides 'glance_glance_api_conf_overrides:' + osa_user_var_add ' glance_store' ' glance_store:' + osa_user_var_add ' http_proxy_information' " http_proxy_information: \"http:${http_proxy#http://}, https:${http_proxy#http://}\"" + fi + popd +fi + +# Enable deploy OSA of the "${RUN_OSA}" +RUN_OSA=${RUN_OSA:-true} +if [[ "${RUN_OSA}" = true ]]; then + # Set the number of forks for the ansible client calls + export ANSIBLE_FORKS=${ANSIBLE_FORKS:-15} + + pushd /opt/openstack-ansible + export DEPLOY_AIO=true + bash ./scripts/run-playbooks.sh + popd + + EXEC_DIR="$(pwd)" + pushd /opt/openstack-ansible/playbooks + if [[ -f "/usr/local/bin/openstack-ansible.rc" ]]; then + source /usr/local/bin/openstack-ansible.rc + fi + ansible -m script -a "${EXEC_DIR}/openstack-service-setup.sh ${NETWORK_BASE}" 'utility_all[0]' + popd +fi diff --git a/multi-node-aio-xenial-ansible/functions.rc b/multi-node-aio-xenial-ansible/functions.rc new file mode 100755 index 00000000..13b94995 --- /dev/null +++ b/multi-node-aio-xenial-ansible/functions.rc @@ -0,0 +1,241 @@ +#!/usr/bin/env bash +# Copyright [2016] [Kevin Carter] +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +function mkdir_check { + if [ ! -d "$1" ];then + mkdir -p "$1" + fi +} + +function ssh_agent_reset { + # If you were running ssh-agent with forwarding this will clear out the keys + # in your cache which can cause confusion. + if pgrep ssh-agent; then + killall ssh-agent; eval `ssh-agent` + fi +} + +function iptables_general_rule_add { +if ! iptables -w -C $1;then + iptables -w -I $1 +fi +} + +function iptables_filter_rule_add { +if ! iptables -w -t $1 -C $2;then + iptables -w -t $1 -I $2 +fi +} + +function get_host_type { +python < /dev/null; do + sleep 15 + done +done +} + +function rekick_vms { +# If you pass the short name of the host to the function it will only force rekick just the ONE host. +# Set the VM disk size in gigabytes +VM_DISK_SIZE="${VM_DISK_SIZE:-252}" +for node in ${1:-$(get_all_hosts)}; do + for node_name in $(virsh list --all --name | grep "${node%%":"*}"); do + virsh destroy "${node_name}" || true + done + # Instruct the system to run the image create. + # If you have the option ``VM_IMAGE_CREATE=true`` the system will reformat the disk image + # destroying anything that was it image previously. + VM_IMAGE_CREATE=${VM_IMAGE_CREATE:-true} + if [[ "${VM_IMAGE_CREATE}" = true ]]; then + qemu-img create -f qcow2 \ + -o preallocation=metadata,compat=1.1,lazy_refcounts=on \ + /var/lib/libvirt/images/${node%%":"*}.openstackci.local.img \ + "${VM_DISK_SIZE}G" + fi + VM_NAME=$(virsh list --all --name | grep "${node%%":"*}" || echo "") + if [[ -z "${VM_NAME}" ]]; then + virsh define /etc/libvirt/qemu/${node%%":"*}.openstackci.local.xml || true + virsh create /etc/libvirt/qemu/${node%%":"*}.openstackci.local.xml || true + else + virsh start "${VM_NAME}" + fi +done +} + +function write_osa_general_confd { +CONFD_FILE="/etc/openstack_deploy/conf.d/${1}.yml" +echo "## DO NOT WRITE TO THIS FILE, CHANGES WILL BE LOST!" > ${CONFD_FILE} +echo "---" >> ${CONFD_FILE} +echo "$1:" >> ${CONFD_FILE} +for node in $(get_host_type ${2}); do +echo " ${node%%':'*}:" >> ${CONFD_FILE} +echo " ip: ${NETWORK_BASE}.236.${node#*":"}" >> ${CONFD_FILE} +done +} + +function write_osa_cinder_confd { +CONFD_FILE="/etc/openstack_deploy/conf.d/${1}.yml" +echo "## DO NOT WRITE TO THIS FILE, CHANGES WILL BE LOST!" > ${CONFD_FILE} +echo "---" >> ${CONFD_FILE} +echo "$1:" >> ${CONFD_FILE} +for node in $(get_host_type ${2}); do +echo " ${node%%':'*}:" >> ${CONFD_FILE} +echo " ip: ${NETWORK_BASE}.236.${node#*":"}" >> ${CONFD_FILE} +cat >> ${CONFD_FILE} < ${CONFD_FILE} +echo "---" >> ${CONFD_FILE} +echo "$1:" >> ${CONFD_FILE} +for node in $(get_host_type ${2}); do +echo " ${node%%':'*}:" >> ${CONFD_FILE} +echo " ip: ${NETWORK_BASE}.236.${node#*":"}" >> ${CONFD_FILE} +cat >> ${CONFD_FILE} < ${CONFD_FILE} +echo "---" >> ${CONFD_FILE} +echo "$1:" >> ${CONFD_FILE} +for node in $(get_host_type ${2}); do +echo " ${node%%':'*}:" >> ${CONFD_FILE} +echo " ip: ${NETWORK_BASE}.236.${node#*":"}" >> ${CONFD_FILE} +cat >> ${CONFD_FILE} < ${CONFD_FILE} +for node_type in $(get_all_types); do + echo "[${node_type}]" >> ${CONFD_FILE} + for node in $(get_host_type ${node_type}); do + echo "10.0.0.${node#*":"}" >> ${CONFD_FILE} + done +done +} + +function install_bits { +successerator openstack-ansible $@ +} + +function successerator { +set +e +# Get the time taht the method was started +OP_START_TIME=$(date +%s) +#Set the initial return value to failure. +false +for ((RETRY=0; $? != 0 && RETRY < MAX_RETRIES; RETRY++)); do + if [ ${RETRY} -gt 1 ]; then + $@ -vvvv + else + $@ + fi +done + +# If max retries were hit, fail. +if [ $? -ne 0 && [ ${RETRY} -eq ${MAX_RETRIES} ];then + echo -e "\n Hit maximum number of retries, giving up..\n" + exit +fi + +# Print the time that the method completed. +OP_TOTAL_SECONDS="$(( $(date +%s) - OP_START_TIME ))" +REPORT_OUTPUT="${OP_TOTAL_SECONDS} seconds" +REPORT_DATA+="- Operation: [ $@ ]\t${REPORT_OUTPUT}\tNumber of Attempts [ ${RETRY} ]\n" +echo -e "Run Time = ${REPORT_OUTPUT}" +set -e +} + +# Return 1 if the second argument is a substring of the first argument, otherwise return 0 +contains() { + string="$1" + substring="$2" + if test "${string#*$substring}" == "$string" + then + echo 0 # $substring is not in $string + else + echo 1 # $substring is in $string + fi +} diff --git a/multi-node-aio-xenial-ansible/hosts.json b/multi-node-aio-xenial-ansible/hosts.json new file mode 100644 index 00000000..b4ce5aeb --- /dev/null +++ b/multi-node-aio-xenial-ansible/hosts.json @@ -0,0 +1,23 @@ +{ + "cinder": { + "cinder1": "140", + "cinder2": "141" + }, + "infra": { + "infra1": "100", + "infra2": "101", + "infra3": "102" + }, + "logging": { + "logging1": "110" + }, + "nova_compute": { + "compute1": "130", + "compute2": "131" + }, + "swift": { + "swift1": "150", + "swift2": "151", + "swift3": "152" + } +} diff --git a/multi-node-aio-xenial-ansible/no-cobbler-configure-vms.sh b/multi-node-aio-xenial-ansible/no-cobbler-configure-vms.sh new file mode 100644 index 00000000..319d1cbd --- /dev/null +++ b/multi-node-aio-xenial-ansible/no-cobbler-configure-vms.sh @@ -0,0 +1,53 @@ +#!/usr/bin/env bash +set -eu +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Load all functions +source functions.rc + +# bring in variable definitions if there is a variables.sh file +[[ -f variables.sh ]] && source variables.sh + +# Reset the ssh-agent service to remove potential key issues +ssh_agent_reset + +# Wait here for all nodes to be booted and ready with SSH +wait_ssh + +# Export all system keys +mkdir -p /tmp/keys +for i in $(apt-key list | awk '/pub/ {print $2}' | awk -F'/' '{print $2}'); do + apt-key export "$i" > "/tmp/keys/$i" +done + +# Ensure that all running VMs have an updated apt-cache with keys +# and copy our http proxy settings into each VM (in the environment and apt.conf) +for node in $(get_all_hosts); do + ssh -q -n -f -o StrictHostKeyChecking=no 10.0.0.${node#*":"} "mkdir -p /tmp/keys; \ + echo \"http_proxy=$http_proxy\" >> /etc/environment; \ + echo \"https_proxy=$https_proxy\" >> /etc/environment; \ + echo \"no_proxy=localhost,127.0.0.1,10.0.0.200\" >> /etc/environment; \ + echo \"Acquire::http::Proxy \\\"$http_proxy\\\";\" >> /etc/apt/apt.conf" + + for i in /etc/apt/apt.conf.d/00-nokey /etc/apt/sources.list /etc/apt/sources.list.d/* /tmp/keys/*; do + if [[ -f "$i" ]]; then + scp "$i" "10.0.0.${node#*":"}:$i" + fi + done + ssh -q -n -f -o StrictHostKeyChecking=no 10.0.0.${node#*":"} "(for i in /tmp/keys/*; do \ + apt-key add \$i; \ + apt-key adv --keyserver keyserver.ubuntu.com --recv-keys \$(basename \$i); done); \ + apt-get clean; \ + apt-get update" +done diff --git a/multi-node-aio-xenial-ansible/no-cobbler-create-vms.sh b/multi-node-aio-xenial-ansible/no-cobbler-create-vms.sh new file mode 100644 index 00000000..c77d27a2 --- /dev/null +++ b/multi-node-aio-xenial-ansible/no-cobbler-create-vms.sh @@ -0,0 +1,50 @@ +#!/usr/bin/env bash +set -eu +# Copyright [2016] [Kevin Carter] +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Load all functions +source functions.rc + +# bring in variable definitions if there is a variables.sh file +[[ -f variables.sh ]] && source variables.sh + +# Reset the ssh-agent service to remove potential key issues +ssh_agent_reset +# Set the default preseed device name. +# This is being set because sda is on hosts, vda is kvm, xvda is xen. +DEVICE_NAME="${DEVICE_NAME:-vda}" + +# Set Ethernet type +ETH_TYPE="${ETH_TYPE:-ens}" + +# Create VM Basic Configuration files +for node_type in $(get_all_types); do + for node in $(get_host_type ${node_type}); do + cp -v "templates/vmnode-config/${node_type}.openstackci.local.xml" /etc/libvirt/qemu/${node%%":"*}.openstackci.local.xml + sed -i "s|__NODE__|${node%%":"*}|g" /etc/libvirt/qemu/${node%%":"*}.openstackci.local.xml + sed -i "s|__COUNT__|${node:(-2)}|g" /etc/libvirt/qemu/${node%%":"*}.openstackci.local.xml + sed -i "s|__DEVICE_NAME__|${DEVICE_NAME}|g" /etc/libvirt/qemu/${node%%":"*}.openstackci.local.xml + sed -i "s|__CONTAINER_VMS__|${CONTAINER_VMS}|g" /etc/libvirt/qemu/${node%%":"*}.openstackci.local.xml + done +done +# Populate network configurations based on node type +for node_type in $(get_all_types); do + for node in $(get_host_type ${node_type}); do + sed -e "s/__COUNT__/${node#*":"}/g" -e "s/__DEFAULT_NETWORK__/${DEFAULT_NETWORK}/g" -e "s/__NETWORK_BASE__/${NETWORK_BASE}/g" -e "s/__ETH_TYPE__/${ETH_TYPE}/g" "templates/network-interfaces/vm.openstackci.local-bonded-bridges.cfg" > "/var/www/html/osa-${node%%":"*}-bridges.cfg" + done +done +# Kick all of the VMs to run the cloud +# !!!THIS TASK WILL DESTROY ALL OF THE ROOT DISKS IF THEY ALREADY EXIST!!! +rekick_vms diff --git a/multi-node-aio-xenial-ansible/openstack-service-setup.sh b/multi-node-aio-xenial-ansible/openstack-service-setup.sh new file mode 100644 index 00000000..cdb70de7 --- /dev/null +++ b/multi-node-aio-xenial-ansible/openstack-service-setup.sh @@ -0,0 +1,175 @@ +#!/usr/bin/env bash + +# Load service variables +source openrc + +# bring in variable definitions if there is a variables.sh file +[[ -f variables.sh ]] && source variables.sh + +# Provide defaults for unset variables +# Set first two octets of network used for containers, storage, etc +NETWORK_BASE=${NETWORK_BASE:-172.29} + +# Create base flavors for the new deployment +for flavor in micro tiny mini small medium large xlarge heavy; do + NAME="m1.${flavor}" + ID="${ID:-0}" + RAM="${RAM:-256}" + DISK="${DISK:-1}" + VCPU="${VCPU:-1}" + SWAP="${SWAP:-0}" + EPHEMERAL="${EPHEMERAL:-0}" + nova flavor-delete $ID > /dev/null || echo "No Flavor with ID: [ $ID ] found to clean up" + nova flavor-create $NAME $ID $RAM $DISK $VCPU --swap $SWAP --is-public true --ephemeral $EPHEMERAL --rxtx-factor 1 + let ID=ID+1 + let RAM=RAM*2 + if [ "$ID" -gt 5 ];then + let VCPU=VCPU*2 + let DISK=DISK*2 + let EPHEMERAL=256 + let SWAP=4 + elif [ "$ID" -gt 4 ];then + let VCPU=VCPU*2 + let DISK=DISK*4+$DISK + let EPHEMERAL=$DISK/2 + let SWAP=4 + elif [ "$ID" -gt 3 ];then + let VCPU=VCPU*2 + let DISK=DISK*4+$DISK + let EPHEMERAL=$DISK/3 + let SWAP=4 + elif [ "$ID" -gt 2 ];then + let VCPU=VCPU+$VCPU/2 + let DISK=DISK*4 + let EPHEMERAL=$DISK/3 + let SWAP=4 + elif [ "$ID" -gt 1 ];then + let VCPU=VCPU+1 + let DISK=DISK*2+$DISK + fi +done + +# Neutron provider network setup +neutron net-create GATEWAY_NET \ + --router:external=True \ + --provider:physical_network=flat \ + --provider:network_type=flat + +neutron subnet-create GATEWAY_NET ${NETWORK_BASE}.248.0/22 \ + --name GATEWAY_NET_SUBNET \ + --gateway ${NETWORK_BASE}.248.1 \ + --allocation-pool start=${NETWORK_BASE}.248.201,end=${NETWORK_BASE}.248.255 \ + --dns-nameservers list=true ${DNS_NAMESERVER} + +# Neutron private network setup +neutron net-create PRIVATE_NET \ + --shared \ + --router:external=True \ + --provider:network_type=vxlan \ + --provider:segmentation_id 101 + +neutron subnet-create PRIVATE_NET 192.168.0.0/24 \ + --name PRIVATE_NET_SUBNET + +# Neutron router setup +ROUTER_ID=$(neutron router-create GATEWAY_NET_ROUTER | grep -w id | awk '{print $4}') +neutron router-gateway-set \ + ${ROUTER_ID} \ + $(neutron net-list | awk '/GATEWAY_NET/ {print $2}') + +neutron router-interface-add \ + ${ROUTER_ID} \ + $(neutron subnet-list | awk '/PRIVATE_NET_SUBNET/ {print $2}') + +# Neutron security group setup +for id in $(neutron security-group-list -f yaml | awk '/- id\:/ {print $3}'); do + # Allow ICMP + neutron security-group-rule-create --protocol icmp \ + --direction ingress \ + $id || true + # Allow all TCP + neutron security-group-rule-create --protocol tcp \ + --port-range-min 1 \ + --port-range-max 65535 \ + --direction ingress \ + $id || true + # Allow all UDP + neutron security-group-rule-create --protocol udp \ + --port-range-min 1 \ + --port-range-max 65535 -\ + -direction ingress \ + $id || true +done + +# Create some default images +wget http://uec-images.ubuntu.com/releases/14.04/release/ubuntu-14.04-server-cloudimg-amd64-disk1.img +glance image-create --name 'Ubuntu 14.04 LTS' \ + --container-format bare \ + --disk-format qcow2 \ + --visibility public \ + --progress \ + --file ubuntu-14.04-server-cloudimg-amd64-disk1.img +rm ubuntu-14.04-server-cloudimg-amd64-disk1.img + +wget http://uec-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-amd64-disk1.img +glance image-create --name 'Ubuntu 16.04' \ + --container-format bare \ + --disk-format qcow2 \ + --visibility public \ + --progress \ + --file ubuntu-16.04-server-cloudimg-amd64-disk1.img +rm ubuntu-16.04-server-cloudimg-amd64-disk1.img + +wget http://dfw.mirror.rackspace.com/fedora/releases/24/CloudImages/x86_64/images/Fedora-Cloud-Base-24-1.2.x86_64.qcow2 +glance image-create --name 'Fedora 24' \ + --container-format bare \ + --disk-format qcow2 \ + --visibility public \ + --progress \ + --file Fedora-Cloud-Base-24-1.2.x86_64.qcow2 +rm Fedora-Cloud-Base-24-1.2.x86_64.qcow2 + +wget http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2 +glance image-create --name 'CentOS 7' \ + --container-format bare \ + --disk-format qcow2 \ + --visibility public \ + --progress \ + --file CentOS-7-x86_64-GenericCloud.qcow2 +rm CentOS-7-x86_64-GenericCloud.qcow2 + +wget http://download.opensuse.org/repositories/Cloud:/Images:/Leap_42.1/images/openSUSE-Leap-42.1-OpenStack.x86_64-0.0.4-Build2.12.qcow2 +glance image-create --name 'OpenSuse Leap 42' \ + --container-format bare \ + --disk-format qcow2 \ + --visibility public \ + --progress \ + --file openSUSE-Leap-42.1-OpenStack.x86_64-0.0.4-Build2.12.qcow2 +rm openSUSE-Leap-42.1-OpenStack.x86_64-0.0.4-Build2.12.qcow2 + +wget http://cdimage.debian.org/cdimage/openstack/current/debian-8.6.0-openstack-amd64.qcow2 +glance image-create --name 'Debian 8.6.0' \ + --container-format bare \ + --disk-format qcow2 \ + --visibility public \ + --progress \ + --file debian-8.6.0-openstack-amd64.qcow2 +rm debian-8.6.0-openstack-amd64.qcow2 + +wget http://cdimage.debian.org/cdimage/openstack/testing/debian-testing-openstack-amd64.qcow2 +glance image-create --name "Debian TESTING $(date +%m-%d-%y)" \ + --container-format bare \ + --disk-format qcow2 \ + --visibility public \ + --progress \ + --file debian-testing-openstack-amd64.qcow2 +rm debian-testing-openstack-amd64.qcow2 + +wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img +glance image-create --name "Cirros-0.3.4" \ + --container-format bare \ + --disk-format qcow2 \ + --visibility public \ + --progress \ + --file cirros-0.3.4-x86_64-disk.img +rm cirros-0.3.4-x86_64-disk.img diff --git a/multi-node-aio-xenial-ansible/setup-host.sh b/multi-node-aio-xenial-ansible/setup-host.sh new file mode 100755 index 00000000..e6849f3c --- /dev/null +++ b/multi-node-aio-xenial-ansible/setup-host.sh @@ -0,0 +1,126 @@ +#!/usr/bin/env bash +set -eu +# Copyright [2016] [Kevin Carter] +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Load all functions +source functions.rc + +# bring in variable definitions if there is a variables.sh file +[[ -f variables.sh ]] && source variables.sh + +# Make the rekick function part of the main general shell +declare -f rekick_vms | tee /root/.functions.rc +declare -f ssh_agent_reset | tee -a /root/.functions.rc +if ! grep -q 'source /root/.functions.rc' /root/.bashrc; then + echo 'source /root/.functions.rc' | tee -a /root/.bashrc +fi + +# Reset the ssh-agent service to remove potential key issues +ssh_agent_reset + +if [ ! -f "/root/.ssh/id_rsa" ];then + ssh-keygen -t rsa -N '' -f /root/.ssh/id_rsa +fi + +# This gets the root users SSH-public-key +SSHKEY=${SSHKEY:-$(cat /root/.ssh/id_rsa.pub)} +if ! grep -q "${SSHKEY}" /root/.ssh/authorized_keys; then + cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys +fi + +# Install basic packages known to be needed +apt-get update && apt-get install -y bridge-utils ifenslave libvirt-bin lvm2 openssh-server python2.7 qemu-kvm ansible virtinst virt-manager \ + vlan software-properties-common python-software-properties python-netaddr + +if ! grep "^source.*cfg$" /etc/network/interfaces; then + echo 'source /etc/network/interfaces.d/*.cfg' | tee -a /etc/network/interfaces +fi + +# create kvm bridges +cp -v templates/kvm-bonded-bridges.cfg /etc/network/interfaces.d/kvm-bridges.cfg + +# set network address +sed -i "s|__NETWORK_BASE__|${NETWORK_BASE}|g" /etc/network/interfaces.d/kvm-bridges.cfg + +for i in $(awk '/iface/ {print $2}' /etc/network/interfaces.d/kvm-bridges.cfg); do + ifup $i +done + +# Clean up stale NTP processes. This is because of BUG https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1125726 +pkill lockfile-create || true + +# Set the forward rule +if ! grep -q '^net.ipv4.ip_forward' /etc/sysctl.conf; then + sysctl -w net.ipv4.ip_forward=1 | tee -a /etc/sysctl.conf +fi + +# Add rules from the INPUT chain +iptables_general_rule_add 'INPUT -i br-dhcp -p udp --dport 67 -j ACCEPT' +iptables_general_rule_add 'INPUT -i br-dhcp -p tcp --dport 67 -j ACCEPT' +iptables_general_rule_add 'INPUT -i br-dhcp -p udp --dport 53 -j ACCEPT' +iptables_general_rule_add 'INPUT -i br-dhcp -p tcp --dport 53 -j ACCEPT' + +# Add rules from the FORWARDING chain +iptables_general_rule_add 'FORWARD -i br-dhcp -j ACCEPT' +iptables_general_rule_add 'FORWARD -o br-dhcp -j ACCEPT' + +# Add rules from the nat POSTROUTING chain +iptables_filter_rule_add nat 'POSTROUTING -s 10.0.0.0/24 ! -d 10.0.0.0/24 -j MASQUERADE' + +# To provide internet connectivity to instances +iptables_filter_rule_add nat "POSTROUTING -o $(ip route get 1 | awk '/dev/ {print $5}') -j MASQUERADE" + +# Add rules from the mangle POSTROUTING chain +iptables_filter_rule_add mangle 'POSTROUTING -s 10.0.0.0/24 -o br-dhcp -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill' + +# To ensure ssh checksum are always correct +iptables_filter_rule_add mangle 'POSTROUTING -p tcp -j CHECKSUM --checksum-fill' + +# Enable partitioning of the "${DATA_DISK_DEVICE}" +PARTITION_HOST=${PARTITION_HOST:-false} +if [[ "${PARTITION_HOST}" = true ]]; then + # Set the data disk device, if unset the largest unpartitioned device will be used to for host VMs + DATA_DISK_DEVICE="${DATA_DISK_DEVICE:-$(lsblk -brndo NAME,TYPE,FSTYPE,RO,SIZE | awk '/d[b-z]+ disk +0/{ if ($4>m){m=$4; d=$1}}; END{print d}')}" + parted --script /dev/${DATA_DISK_DEVICE} mklabel gpt + parted --align optimal --script /dev/${DATA_DISK_DEVICE} mkpart kvm ext4 0% 100% + mkfs.ext4 $FORCE_PARTITION /dev/${DATA_DISK_DEVICE}1 + if ! grep -qw "^/dev/${DATA_DISK_DEVICE}1" /etc/fstab; then + echo "/dev/${DATA_DISK_DEVICE}1 /var/lib/libvirt/images/ ext4 defaults 0 0" >> /etc/fstab + fi + mount -a +fi + +# Set the default OVERRIDE_SOURCES var +OVERRIDE_SOURCES=${OVERRIDE_SOURCES:-true} +if ( "${OVERRIDE_SOURCES}" == true ) +then + cat > /etc/apt/sources.list < /etc/apt/apt.conf.d/00-nokey < /etc/libvirt/qemu/networks/${network}.xml + virsh net-define --file /etc/libvirt/qemu/networks/${network}.xml + virsh net-create --file /etc/libvirt/qemu/networks/${network}.xml + virsh net-autostart ${network} + fi +done diff --git a/multi-node-aio-xenial-ansible/templates/kvm-bonded-bridges.cfg b/multi-node-aio-xenial-ansible/templates/kvm-bonded-bridges.cfg new file mode 100644 index 00000000..0acff947 --- /dev/null +++ b/multi-node-aio-xenial-ansible/templates/kvm-bonded-bridges.cfg @@ -0,0 +1,69 @@ +# VLAN TAGS +# 1100 - MANAGEMENT_NET +# 1200 - OVERLAY_NET +# 1300 - STORAGE_NET +# 1400 - FLAT_NET + +#### BRIDGES USED FOR VM INTERFACES #### +# MANAGEMENT Network +auto vm-br-eth1 +iface vm-br-eth1 inet static + bridge_stp off + bridge_waitport 0 + bridge_fd 0 + bridge_ports none + address __NETWORK_BASE__.236.200 + netmask 255.255.252.0 + offload-sg off + +# FLAT Network +auto vm-br-eth2 +iface vm-br-eth2 inet static + bridge_stp off + bridge_waitport 0 + bridge_fd 0 + bridge_ports none + address __NETWORK_BASE__.248.1 + netmask 255.255.252.0 + offload-sg off + +# VLAN Network +auto vm-br-eth3 +iface vm-br-eth3 inet manual + bridge_stp off + bridge_waitport 0 + bridge_fd 0 + bridge_ports none + offload-sg off + +# TUNNEL Network +auto vm-br-eth4 +iface vm-br-eth4 inet manual + bridge_stp off + bridge_waitport 0 + bridge_fd 0 + bridge_ports none + offload-sg off + +# STORAGE Network +auto vm-br-eth5 +iface vm-br-eth5 inet manual + bridge_stp off + bridge_waitport 0 + bridge_fd 0 + bridge_ports none + offload-sg off +#### INTERFACES USED FOR VM BRIDGES #### + + +#### SYSTEM INTEGRATION DEVICES #### +auto br-dhcp +iface br-dhcp inet static + bridge_stp off + bridge_waitport 0 + bridge_fd 0 + bridge_ports none + address 10.0.0.200 + netmask 255.255.255.0 + offload-sg off +#### SYSTEM INTEGRATION DEVICES #### diff --git a/multi-node-aio-xenial-ansible/templates/libvirt-network.xml b/multi-node-aio-xenial-ansible/templates/libvirt-network.xml new file mode 100644 index 00000000..1c10ff99 --- /dev/null +++ b/multi-node-aio-xenial-ansible/templates/libvirt-network.xml @@ -0,0 +1,5 @@ + + __NETWORK__ + + + \ No newline at end of file diff --git a/multi-node-aio-xenial-ansible/templates/network-interfaces/vm.openstackci.local-bonded-bridges.cfg b/multi-node-aio-xenial-ansible/templates/network-interfaces/vm.openstackci.local-bonded-bridges.cfg new file mode 100644 index 00000000..e5a0866d --- /dev/null +++ b/multi-node-aio-xenial-ansible/templates/network-interfaces/vm.openstackci.local-bonded-bridges.cfg @@ -0,0 +1,76 @@ +## Physical interface, could be bond. This only needs to be set once for the physical device +# MANAGEMENT Network +auto __ETH_TYPE__10 +iface __ETH_TYPE__10 inet manual + +# FLAT Network +auto __ETH_TYPE__11 +iface __ETH_TYPE__11 inet manual + +# VLAN Network +auto __ETH_TYPE__12 +iface __ETH_TYPE__12 inet manual + +# TUNNEL Network +auto __ETH_TYPE__13 +iface __ETH_TYPE__13 inet manual + +# STORAGE Network +auto __ETH_TYPE__14 +iface __ETH_TYPE__14 inet manual + +auto br-mgmt +iface br-mgmt inet static + bridge_stp off + bridge_waitport 10 + bridge_fd 0 + bridge_ports ens10 + address __NETWORK_BASE__.236.__COUNT__ + netmask 255.255.252.0 + offload-sg off + +auto br-flat +iface br-flat inet static + bridge_stp off + bridge_waitport 10 + bridge_fd 0 + bridge_ports __ETH_TYPE__11 + address __NETWORK_BASE__.248.__COUNT__ + netmask 255.255.252.0 + offload-sg off + +auto br-vlan +iface br-vlan inet manual + bridge_stp off + bridge_waitport 10 + bridge_fd 0 + bridge_ports __ETH_TYPE__12 + offload-sg off + +auto br-vxlan +iface br-vxlan inet static + bridge_stp off + bridge_waitport 10 + bridge_fd 0 + bridge_ports __ETH_TYPE__13 + address __NETWORK_BASE__.240.__COUNT__ + netmask 255.255.252.0 + offload-sg off + # To ensure ssh checksum is correct + up /sbin/iptables -A POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill + down /sbin/iptables -D POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill + # To provide internet connectivity to instances + up /sbin/iptables -t nat -A POSTROUTING -o __DEFAULT_NETWORK__ -j MASQUERADE + down /sbin/iptables -t nat -D POSTROUTING -o __DEFAULT_NETWORK__ -j MASQUERADE + # Make sure instances can talk to the metadata server + up /sbin/iptables -t mangle -A POSTROUTING -p tcp --sport 80 -j CHECKSUM --checksum-fill + +auto br-storage +iface br-storage inet static + bridge_stp off + bridge_waitport 10 + bridge_fd 0 + bridge_ports __ETH_TYPE__14 + address __NETWORK_BASE__.244.__COUNT__ + netmask 255.255.252.0 + offload-sg off diff --git a/multi-node-aio-xenial-ansible/templates/openstack_user_config.yml b/multi-node-aio-xenial-ansible/templates/openstack_user_config.yml new file mode 100644 index 00000000..c0762066 --- /dev/null +++ b/multi-node-aio-xenial-ansible/templates/openstack_user_config.yml @@ -0,0 +1,75 @@ +--- +cidr_networks: + container: __NETWORK_BASE__.236.0/22 + tunnel: __NETWORK_BASE__.240.0/22 + storage: __NETWORK_BASE__.244.0/22 + +used_ips: + - "__NETWORK_BASE__.236.0,__NETWORK_BASE__.236.200" + - "__NETWORK_BASE__.240.0,__NETWORK_BASE__.240.200" + - "__NETWORK_BASE__.244.0,__NETWORK_BASE__.244.200" + - "__NETWORK_BASE__.248.0,__NETWORK_BASE__.248.200" + +global_overrides: + internal_lb_vip_address: __NETWORK_BASE__.236.200 + # The external IP is quoted simply to ensure that the .aio file can be used as input + # dynamic inventory testing. + external_lb_vip_address: "__HOSTIP__" + tunnel_bridge: "br-vxlan" + management_bridge: "br-mgmt" + provider_networks: + - network: + container_bridge: "br-mgmt" + container_type: "veth" + container_interface: "eth1" + ip_from_q: "container" + type: "raw" + group_binds: + - all_containers + - hosts + is_container_address: true + is_ssh_address: true + - network: + container_bridge: "br-vxlan" + container_type: "veth" + container_interface: "eth10" + ip_from_q: "tunnel" + type: "vxlan" + range: "1:1000" + net_name: "vxlan" + group_binds: + - neutron_linuxbridge_agent + - network: + container_bridge: "br-flat" + container_type: "veth" + container_interface: "eth12" + type: "flat" + net_name: "flat" + group_binds: + - neutron_linuxbridge_agent + - utility_all + - network: + container_bridge: "br-vlan" + container_type: "veth" + container_interface: "eth11" + type: "vlan" + range: "1:1" + net_name: "vlan" + group_binds: + - neutron_linuxbridge_agent + - network: + container_bridge: "br-storage" + container_type: "veth" + container_interface: "eth2" + ip_from_q: "storage" + type: "raw" + group_binds: + - glance_api + - cinder_api + - cinder_volume + - nova_compute + - swift_proxy + +haproxy_hosts: + loadbalancer1: + ip: __NETWORK_BASE__.236.200 diff --git a/multi-node-aio-xenial-ansible/templates/osa-swift.yml b/multi-node-aio-xenial-ansible/templates/osa-swift.yml new file mode 100644 index 00000000..cb522b94 --- /dev/null +++ b/multi-node-aio-xenial-ansible/templates/osa-swift.yml @@ -0,0 +1,16 @@ +--- +global_overrides: + swift: + part_power: 8 + storage_network: 'br-storage' + replication_network: 'br-storage' + drives: + - name: disk1 + - name: disk2 + - name: disk3 + mount_point: /srv + storage_policies: + - policy: + name: default + index: 0 + default: True diff --git a/multi-node-aio-xenial-ansible/templates/vmnode-config/cinder.openstackci.local.xml b/multi-node-aio-xenial-ansible/templates/vmnode-config/cinder.openstackci.local.xml new file mode 100644 index 00000000..dc3cf631 --- /dev/null +++ b/multi-node-aio-xenial-ansible/templates/vmnode-config/cinder.openstackci.local.xml @@ -0,0 +1,131 @@ + + __NODE__.openstackci.local + 12 + 4 + 2 + + /machine + + + hvm + + + + + + + + + + + + + + destroy + restart + restart + + + + + + + + + + + +
+ + + + + + +
+ + + + + + + + +
+ + + + + + + + +
+ + + + + + + + +
+ + + + + + + + +
+ + + + + + + + +
+ + + + + + + + +
+ + + + + + + + + + + + + + + + +