diff --git a/deploy-guide/source/deploymenthost.rst b/deploy-guide/source/deploymenthost.rst index 19103942e9..e9bd445356 100644 --- a/deploy-guide/source/deploymenthost.rst +++ b/deploy-guide/source/deploymenthost.rst @@ -17,6 +17,9 @@ To use a target host as a deployment host, follow the steps in :deploy_guide:`Prepare the target hosts ` on the deployment host. +Configuring the operating system +================================ + Install the operating system ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -30,8 +33,8 @@ hosts: Configure at least one network interface to access the Internet or suitable local repositories. -Configure the operating system (Ubuntu) -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Configure Ubuntu +~~~~~~~~~~~~~~~~ Install additional software packages and configure Network Time Protocol (NTP). Before you begin, we recommend upgrading your system packages and kernel. @@ -61,8 +64,8 @@ Before you begin, we recommend upgrading your system packages and kernel. #. Configure NTP to synchronize with a suitable time source. -Configure the operating system (CentOS) -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Configure CentOS +~~~~~~~~~~~~~~~~ Install additional software packages and configure Network Time Protocol (NTP). Before you begin, we recommend upgrading your system packages and kernel. @@ -103,8 +106,8 @@ Before you begin, we recommend upgrading your system packages and kernel. deployments. Until that work is complete, deployers must maintain their own firewall rulesets or disable the firewall entirely. -Configure the operating system (openSUSE) -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Configure openSUSE +~~~~~~~~~~~~~~~~~~ Install additional software packages and configure Network Time Protocol (NTP). Before you begin, we recommend upgrading your system packages and kernel. 
@@ -128,8 +131,18 @@ Before you begin, we recommend upgrading your system packages and kernel. #. Configure NTP to synchronize with a suitable time source. +Configure SSH keys +================== + +Ansible uses SSH with public key authentication to connect the +deployment host and target hosts. To reduce user +interaction during Ansible operations, do not include passphrases with +key pairs. However, if a passphrase is required, consider using the +``ssh-agent`` and ``ssh-add`` commands to temporarily store the +passphrase before performing Ansible operations. + Configure the network -~~~~~~~~~~~~~~~~~~~~~ +===================== Ansible deployments fail if the deployment server can't use Secure Shell (SSH) to connect to the containers. @@ -147,7 +160,7 @@ deployment host: Container management: 172.29.236.0/22 (VLAN 10) Install the source and dependencies -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +=================================== Install the source and dependencies for the deployment host. @@ -181,13 +194,3 @@ Install the source and dependencies for the deployment host. # scripts/bootstrap-ansible.sh -Configure SSH keys -~~~~~~~~~~~~~~~~~~ - -Ansible uses SSH with public key authentication to connect the -deployment host and target hosts. To reduce user -interaction during Ansible operations, do not include passphrases with -key pairs. However, if a passphrase is required, consider using the -``ssh-agent`` and ``ssh-add`` commands to temporarily store the -passphrase before performing Ansible operations. - diff --git a/deploy-guide/source/targethosts-networkconfig.rst b/deploy-guide/source/targethosts-networkconfig.rst index 8aefb452a1..5b9b28f0ba 100644 --- a/deploy-guide/source/targethosts-networkconfig.rst +++ b/deploy-guide/source/targethosts-networkconfig.rst 
@@ -1,8 +1,9 @@ -===================== -Network configuration -===================== +Configuring the network +======================= -The following table shows bridges that are to be configured on hosts. +OpenStack-Ansible uses bridges to connect physical and logical network +interfaces on the host to virtual network interfaces within containers. +Target hosts need to be configured with the following network bridges: +-------------+-----------------------+-------------------------------------+ | Bridge name | Best configured on | With a static IP | @@ -31,20 +32,14 @@ For use case examples, refer to :dev_docs:`User Guides `. - -Host network bridges -~~~~~~~~~~~~~~~~~~~~ - -OpenStack-Ansible uses bridges to connect physical and logical network -interfaces on the host to virtual network interfaces within containers. -Target hosts are configured with the following network bridges. - +Host network bridges information +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * LXC internal: ``lxcbr0`` - The ``lxcbr0`` bridge is **required**, but OpenStack-Ansible configures it - automatically. It provides external (typically Internet) connectivity to - containers. + The ``lxcbr0`` bridge is **required** for LXC, but OpenStack-Ansible + configures it automatically. It provides external (typically Internet) + connectivity to containers with dnsmasq (DHCP/DNS) + NAT. This bridge does not directly attach to any physical or logical interfaces on the host because iptables handles connectivity. It @@ -56,7 +51,7 @@ Target hosts are configured with the following network bridges. * Container management: ``br-mgmt`` - The ``br-mgmt`` bridge is **required**. It provides management of and + The ``br-mgmt`` bridge provides management of and communication between the infrastructure and OpenStack services. The bridge attaches to a physical or logical interface, typically a 
@@ -67,9 +62,8 @@ Target hosts are configured with the following network bridges. * Storage:``br-storage`` - The ``br-storage`` bridge is **optional**, but recommended for production - environments. It provides segregated access to Block Storage devices - between OpenStack services and Block Storage devices. + The ``br-storage`` bridge provides segregated access to Block Storage + devices between OpenStack services and Block Storage devices. The bridge attaches to a physical or logical interface, typically a ``bond0`` VLAN subinterface. It also attaches to ``eth2`` in each @@ -80,9 +74,9 @@ Target hosts are configured with the following network bridges. * OpenStack Networking tunnel: ``br-vxlan`` - The ``br-vxlan`` bridge is **required** if the environment is configured to - allow projects to create virtual networks. It provides the interface for - virtual (VXLAN) tunnel networks. + The ``br-vxlan`` bridge is **required if** the environment is configured to + allow projects to create virtual networks using VXLAN. + It provides the interface for virtual (VXLAN) tunnel networks. The bridge attaches to a physical or logical interface, typically a ``bond1`` VLAN subinterface. It also attaches to ``eth10`` in each @@ -93,7 +87,7 @@ Target hosts are configured with the following network bridges. * OpenStack Networking provider: ``br-vlan`` - The ``br-vlan`` bridge is **required**. It provides infrastructure for VLAN + The ``br-vlan`` bridge is provides infrastructure for VLAN tagged or flat (no VLAN tag) networks. The bridge attaches to a physical or logical interface, typically ``bond1``. diff --git a/deploy-guide/source/targethosts-prepare.rst b/deploy-guide/source/targethosts-prepare.rst index f7f3c70880..14913ddb85 100644 --- a/deploy-guide/source/targethosts-prepare.rst +++ b/deploy-guide/source/targethosts-prepare.rst 
@@ -1,6 +1,5 @@ -============================================ -Configuring the operating system and storage -============================================ +Configuring the operating system +================================ This section describes the installation and configuration of operating systems for the target hosts, as well as deploying SSH keys and @@ -27,8 +26,8 @@ installation on target hosts that do not have local (console) access. We also recommend setting your locale to `en_US.UTF-8`. Other locales might work, but they are not tested or supported. -Configure the operating system (Ubuntu) -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Configure Ubuntu +~~~~~~~~~~~~~~~~ #. Update package source lists @@ -74,8 +73,8 @@ Configure the operating system (Ubuntu) #. Reboot the host to activate the changes and use the new kernel. -Configure the operating system (CentOS) -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Configure CentOS +~~~~~~~~~~~~~~~~ #. Upgrade the system packages and kernel: @@ -117,8 +116,8 @@ Configure the operating system (CentOS) #. Reboot the host to activate the changes and use the new kernel. -Configure the operating system (openSUSE) -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Configure openSUSE +~~~~~~~~~~~~~~~~~~ #. Upgrade the system packages and kernel: @@ -160,8 +159,8 @@ Configure the operating system (openSUSE) #. Reboot the host to activate the changes and use the new kernel. -Deploying Secure Shell (SSH) keys -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Configure SSH keys +================== Ansible uses SSH to connect the deployment host and target hosts. 
@@ -190,16 +189,14 @@ practices, see `GitHub's documentation about generating SSH keys`_. ``lxc_container_ssh_key`` variable to the public key for the container. -.. _configuring-storage: - -Configure storage -~~~~~~~~~~~~~~~~~ +Configuring the storage +======================= `Logical Volume Manager (LVM)`_ enables a single device to be split into multiple logical volumes that appear as a physical storage device to the -operating system. The Block Storage (cinder) service, and the LXC containers -that run the OpenStack infrastructure, can optionally use LVM for their data -storage. +operating system. The Block Storage (cinder) service, and LXC containers +that optionally run the OpenStack infrastructure, +can optionally use LVM for their data storage. .. note:: @@ -217,7 +214,8 @@ storage. # vgcreate cinder-volumes physical_volume_device_path #. Optionally, create an LVM volume group named ``lxc`` for container file - systems. If the ``lxc`` volume group does not exist, containers are + systems if you want to use LXC with LVM. + If the ``lxc`` volume group does not exist, containers are automatically installed on the file system under ``/var/lib/lxc`` by default. diff --git a/deploy-guide/source/targethosts.rst b/deploy-guide/source/targethosts.rst index 5e9ad05d10..469e08cef4 100644 --- a/deploy-guide/source/targethosts.rst +++ b/deploy-guide/source/targethosts.rst @@ -4,11 +4,8 @@ Prepare the target hosts ======================== -.. toctree:: - :maxdepth: 2 - - targethosts-prepare.rst - targethosts-networkconfig.rst - .. figure:: figures/installation-workflow-targethosts.png :width: 100% + +.. include:: targethosts-prepare.rst +.. include:: targethosts-networkconfig.rst
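Review bot: In deploy-guide/source/deploymenthost.rst (hunk @@ -17,6 +17,9 @@), the new top-level heading "Configuring the operating system" uses a gerund, while the other headings promoted to the same level in this file ("Configure SSH keys", "Configure the network", "Install the source and dependencies") are imperative. Pick one form for the sibling headings; "Configure the operating system" would match the rest of this file.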
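Review bot: In deploy-guide/source/deploymenthost.rst (hunk @@ -128,8 +131,18 @@), the relocated "Configure SSH keys" paragraph still advises "do not include passphrases with key pairs" and says nothing about how the unencrypted private key on the deployment host should then be protected. Since the section is being moved to a more prominent position anyway, consider leading with the ``ssh-agent`` and ``ssh-add`` option, or adding a sentence on restricting access to the key file and to the deployment host itself.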
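Review bot: In deploy-guide/source/targethosts-networkconfig.rst (hunk @@ -31,20 +32,14 @@), the renamed heading "Host network bridges information" reads awkwardly, and the added phrase "with dnsmasq (DHCP/DNS) + NAT" is shorthand rather than a sentence. Suggest keeping "Host network bridges" as the heading and spelling the addition out, for example "It provides external (typically Internet) connectivity to containers, using dnsmasq for DHCP and DNS and NAT for outbound traffic."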
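Review bot: In deploy-guide/source/targethosts-networkconfig.rst (hunks @@ -56,7 +51,7 @@ and @@ -67,9 +62,8 @@), the **required** marker is dropped from ``br-mgmt`` and the **optional**, "recommended for production environments" wording is dropped from ``br-storage``, while ``lxcbr0`` and ``br-vxlan`` keep theirs. After this change the list no longer tells a deployer which bridges can be omitted. Either keep a required/optional statement on every bridge or move that information into the table above the list so it is stated once.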
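Review bot: In deploy-guide/source/targethosts-networkconfig.rst (hunk @@ -93,7 +87,7 @@), the new line "The ``br-vlan`` bridge is provides infrastructure for VLAN" has a leftover "is" from the removed "is **required**" sentence. It should read "The ``br-vlan`` bridge provides infrastructure for VLAN tagged or flat (no VLAN tag) networks."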
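Review bot: In deploy-guide/source/targethosts-prepare.rst (hunk @@ -190,16 +189,14 @@), the ``.. _configuring-storage:`` label is removed, so any ``:ref:`configuring-storage``` elsewhere in the docs will stop resolving. Please confirm nothing references it, or keep the label above the renamed "Configuring the storage" heading. In the same hunk, "LXC containers that optionally run the OpenStack infrastructure, can optionally use LVM" repeats "optionally" and changes the meaning of the original sentence; consider rewording so that only the use of LVM is described as optional.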
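Review bot: In deploy-guide/source/targethosts.rst (hunk @@ -4,11 +4,8 @@), replacing the ``toctree`` with ``.. include:: targethosts-prepare.rst`` and ``.. include:: targethosts-networkconfig.rst`` leaves both files in the source tree with an ``.rst`` suffix, so Sphinx will still build them as standalone documents and warn that they are not included in any toctree; any explicit targets they define are also parsed twice. Consider renaming the included files (for example to an ``.inc`` suffix) or adding them to ``exclude_patterns``, and note the choice in the commit message.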