diff --git a/ansible/gather/group_vars/all b/ansible/gather/group_vars/all deleted file mode 100644 index ec4a0e633..000000000 --- a/ansible/gather/group_vars/all +++ /dev/null @@ -1,12 +0,0 @@ ---- -# Path of browbeat -browbeat_path: /home/stack/browbeat - -# Home directory on undercloud -home_dir: /home/stack - -# Login user for the remote hosts -host_remote_user: heat-admin - -# Login user for the local/jump machine -local_remote_user: stack diff --git a/ansible/gather/group_vars/all.yml b/ansible/gather/group_vars/all.yml new file mode 100644 index 000000000..451d6a401 --- /dev/null +++ b/ansible/gather/group_vars/all.yml @@ -0,0 +1,11 @@ +--- + +# Adjust Browbeat user if you are deploying Browbeat on a different machine than the Undercloud +browbeat_user: stack +# Login user for the local/jump machine (Typically Undercloud) +local_remote_user: stack +# Login user for the Overcloud hosts +host_remote_user: heat-admin + +home_dir: "/home/{{browbeat_user}}" +browbeat_path: "{{home_dir}}/browbeat" diff --git a/ansible/gather/site.yml b/ansible/gather/site.yml index 269a8ef42..07ed43296 100644 --- a/ansible/gather/site.yml +++ b/ansible/gather/site.yml @@ -28,7 +28,7 @@ - common - undercloud -- hosts: undercloud - remote_user: "{{ local_remote_user }}" +- hosts: browbeat + remote_user: "{{ browbeat_user }}" roles: - dump-facts diff --git a/ansible/generate_tripleo_hostfile.sh b/ansible/generate_tripleo_hostfile.sh index 8399cd475..386319352 100755 --- a/ansible/generate_tripleo_hostfile.sh +++ b/ansible/generate_tripleo_hostfile.sh @@ -1,10 +1,33 @@ #!/bin/bash -if [ ! $# -ge 1 ]; then - echo "Usage: ./generate_tripleo_hostfiles.sh " - echo "Generates ssh config file to use with an TripleO undercloud host as a jumpbox and creates ansible inventory file." - exit +function usage +{ + echo "Usage: generate_tripleo_hostfile.sh [-t [-l | --localhost]] | [-h | --help]" + echo "Generates ssh config file to use with an TripleO undercloud host as a jumpbox and creates ansible inventory file." +} + +uncomment_localhost=false +tripleo_ip_address= +while [ "$1" != "" ]; do + case $1 in + -l | --localhost ) uncomment_localhost=true + ;; + -t | --tripleo_ip_address ) + shift + tripleo_ip_address=$1 + ;; + -h | --help ) usage + exit + ;; + * ) usage + exit 1 + esac + shift +done +if [ -z "$tripleo_ip_address" ]; then + usage + exit 1 fi -tripleo_ip_address=$1 + ansible_inventory_file='hosts' DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" ssh_config_file=${DIR}'/ssh-config' @@ -187,7 +210,17 @@ echo "---------------------------" echo "Creating ansible inventory file:" echo "---------------------------" echo "" -echo "[undercloud]" | tee ${ansible_inventory_file} +echo "[browbeat]" | tee ${ansible_inventory_file} +echo "# Pick host depending on desired install" | tee -a ${ansible_inventory_file} +if [ "${uncomment_localhost}" = true ]; then + echo "localhost" | tee -a ${ansible_inventory_file} + echo "#undercloud" | tee -a ${ansible_inventory_file} +else + echo "#localhost" | tee -a ${ansible_inventory_file} + echo "undercloud" | tee -a ${ansible_inventory_file} +fi +echo "" | tee -a ${ansible_inventory_file} +echo "[undercloud]" | tee -a ${ansible_inventory_file} echo "undercloud" | tee -a ${ansible_inventory_file} if [[ ${#controller_hn} -gt 0 ]]; then echo "" | tee -a ${ansible_inventory_file} diff --git a/ansible/install/browbeat.yml b/ansible/install/browbeat.yml index 3e46459d2..e9febd3dc 100644 --- a/ansible/install/browbeat.yml +++ b/ansible/install/browbeat.yml @@ -9,11 +9,18 @@ - no-sshd-dns - shaker-check -- hosts: undercloud - remote_user: "{{ local_remote_user }}" +- hosts: browbeat + remote_user: "{{ browbeat_user }}" roles: - common - browbeat + - { role: browbeat-results, when: browbeat_results_in_httpd} + - firewall + - perfkitbenchmarker + - rally + - shaker + - flavors + - images - hosts: compute remote_user: "{{ host_remote_user }}" diff --git a/ansible/install/group_vars/all.yml b/ansible/install/group_vars/all.yml index 0e99ebed4..3bf30d026 100644 --- a/ansible/install/group_vars/all.yml +++ b/ansible/install/group_vars/all.yml @@ -1,52 +1,75 @@ --- +######################################## +# Browbeat Install Configuration +######################################## + +# Adjust Browbeat user if you are deploying Browbeat on a different machine than the Undercloud +browbeat_user: stack +# Login user for the local/jump machine (Typically Undercloud) +local_remote_user: stack +# Login user for the Overcloud hosts +host_remote_user: heat-admin + # OpenStack Installer +# Tripleo is the only installer supported currently tripleo: true -browbeat_path: /home/stack/browbeat -home_dir: /home/stack +home_dir: "/home/{{browbeat_user}}" +browbeat_path: "{{home_dir}}/browbeat" + +# The Overcloud RC file +overcloudrc: "{{home_dir}}/overcloudrc" + +# The Overcloud CA cert file +# overcloud_ca_path: /etc/pki/ca-trust/source/anchors/overcloud.crt.pem + +# The default Browbeat venv +browbeat_venv: "{{home_dir}}/browbeat-venv" + +# The default Rally venv +rally_venv: "{{home_dir}}/rally-venv" + +# Rally version to install +rally_version: 0.8.1 + +# The default Shaker venv +shaker_venv: "{{home_dir}}/shaker-venv" + +# Shaker version to Install +shaker_version: 0.0.17 + +# PerfKitBenchmarker Settings +perfkit_venv: "{{home_dir}}/perfkit-venv" +perfkit_version: v1.7.0 + # Configuration items to adjust browbeat results served through httpd browbeat_results_port: 9001 browbeat_results_in_httpd: true supported_distro: ((ansible_distribution == "CentOS" && ansible_distribution_major_version >= "7") or (ansible_distribution == "RedHat" && ansible_distribution_major_version >= "7")) -# Login user for the remote hosts -host_remote_user: heat-admin -# Login user for the local/jump machine -local_remote_user: stack +# iptables file - RHEL (/etc/sysconfig/iptables) CentOS (/etc/sysconfig/iptables-config) +iptables_file: /etc/sysconfig/iptables -# The Overcloud RC file -overcloudrc: /home/stack/overcloudrc - -# The Overcloud CA cert file -# overcloud_ca_path: /etc/pki/ca-trust/source/anchors/overcloud.crt.pem - -# The default Browbeat venv -browbeat_venv: /home/stack/browbeat-venv - -# The default Rally venv -rally_venv: /home/stack/rally-venv - -# Rally version to install -rally_version: 0.8.1 - -# The default Shaker venv -shaker_venv: /home/stack/shaker-venv - -# Shaker version to Install -shaker_version: 0.0.17 - -# PerfKitBenchmarker Settings -perfkit_venv: /home/stack/perfkit-venv -perfkit_version: v1.7.0 +######################################## +# Other Install Configuration Items +######################################## # Guest images for the Overcloud +# Note hash key name must match intended name for image upload to +# work consistently (Ex. images['cirros'].name == 'cirros') images: centos7: + name: centos7 url: http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2 + type: qcow2 + convert_to_raw: true cirros: - url: http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img + name: cirros + url: http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img + type: qcow2 + convert_to_raw: true # DNS Server to add dns_server: 8.8.8.8 diff --git a/ansible/install/roles/browbeat-results/handlers/main.yml b/ansible/install/roles/browbeat-results/handlers/main.yml new file mode 100644 index 000000000..5117c4707 --- /dev/null +++ b/ansible/install/roles/browbeat-results/handlers/main.yml @@ -0,0 +1,17 @@ +--- +# +# Browbeat Results handlers +# + +- name: start httpd + service: + name: httpd + state: started + enabled: true + become: true + +- name: restart httpd + service: + name: httpd + state: restarted + become: true diff --git a/ansible/install/roles/browbeat-results/tasks/main.yml b/ansible/install/roles/browbeat-results/tasks/main.yml new file mode 100644 index 000000000..92704d6e6 --- /dev/null +++ b/ansible/install/roles/browbeat-results/tasks/main.yml @@ -0,0 +1,62 @@ +--- +# +# Browbeat Results via httpd +# + +- name: Install httpd + yum: + name: httpd + state: present + become: true + notify: + - start httpd + +- name: Remove welcome.conf if it exists + file: + path: /etc/httpd/conf.d/welcome.conf + state: absent + become: true + notify: + - restart httpd + +- name: Setup browbeat.conf in /etc/httpd/conf.d + template: + src: 00-browbeat.conf.j2 + dest: "/etc/httpd/conf.d/00-browbeat-{{browbeat_user}}.conf" + owner: root + group: root + mode: 0644 + become: true + notify: + - restart httpd + +- name: Set seboolean(httpd_read_user_content) + seboolean: + name: httpd_read_user_content + state: yes + persistent: yes + become: true + +- name: Allow httpd to serve content in "{{ home_dir }}" + file: + path: "{{ home_dir }}" + state: directory + mode: 0755 + +# (akrzos) Port 9000 is already in use by zaqar-server with Newton and thus the fact that likely the +# user will choose a port that is not enabled by selinux to allow httpd to listen, we need to modify +# the ports enabled by selinux for httpd. If the port is already defined you will run into this +# issue if you use the "seport" ansible module: +# https://github.com/ansible/ansible-modules-extras/pull/2694 +# This is not in upstream Ansible releases as of 2.1.1.0 +- name: Allow httpd to listen to port ({{browbeat_results_port}}) + shell: "/usr/sbin/semanage port -m -t http_port_t -p tcp {{browbeat_results_port}}" + become: true + register: seport_modified + ignore_errors: true + +# If port can not be modified, it likely has to be added (Ex. Port 9002) +- name: Allow httpd to listen to port ({{browbeat_results_port}}) via add + shell: "/usr/sbin/semanage port -a -t http_port_t -p tcp {{browbeat_results_port}}" + become: true + when: seport_modified.rc != 0 diff --git a/ansible/install/roles/browbeat/templates/00-browbeat.conf.j2 b/ansible/install/roles/browbeat-results/templates/00-browbeat.conf.j2 similarity index 100% rename from ansible/install/roles/browbeat/templates/00-browbeat.conf.j2 rename to ansible/install/roles/browbeat-results/templates/00-browbeat.conf.j2 diff --git a/ansible/install/roles/browbeat/handlers/main.yml b/ansible/install/roles/browbeat/handlers/main.yml deleted file mode 100644 index fbbd54e5a..000000000 --- a/ansible/install/roles/browbeat/handlers/main.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -# -# Browbeat installer handlers -# - -- name: restart httpd - service: name=httpd state=restarted - become: true diff --git a/ansible/install/roles/browbeat/tasks/main.yml b/ansible/install/roles/browbeat/tasks/main.yml index 792850e6b..e15dad426 100644 --- a/ansible/install/roles/browbeat/tasks/main.yml +++ b/ansible/install/roles/browbeat/tasks/main.yml @@ -8,24 +8,33 @@ when: not supported_distro - name: Install python development tools - yum: name=python-devel state=present + yum: + name: python-devel + state: present become: true - name: Install dependencies for CentOS - yum: name={{ item }} state=present + yum: + name: "{{ item }}" + state: present become: true with_items: - - libffi-devel - - openssl-devel - gcc - gcc-c++ + - libffi-devel + - libsemanage-python + - openssl-devel + - policycoreutils-python - name: Install pip - easy_install: name=pip + easy_install: + name: pip become: true - name: Update virtualenv and setuptools - pip: name={{item}} state=latest + pip: + name: "{{item}}" + state: latest become: true with_items: - virtualenv @@ -34,299 +43,47 @@ - name: Create browbeat virtualenv command: virtualenv {{ browbeat_venv }} creates={{ browbeat_venv }} -- name: Create perfkit virtualenv - command: virtualenv {{ perfkit_venv }} creates={{ perfkit_venv }} - -- name: Create rally virtualenv - command: virtualenv {{ rally_venv }} creates={{ rally_venv }} - -- name: Create shaker virtualenv - command: virtualenv {{ shaker_venv }} creates={{ shaker_venv }} - -- name: Rally Add browbeat to Python path - shell: echo 'export PYTHONPATH=$PYTHONPATH:{{ browbeat_path }}/lib' >> {{ rally_venv }}/bin/activate - - name: Setup browbeat-venv CA certificate path lineinfile: dest: "{{ browbeat_venv }}/bin/activate" line: 'export REQUESTS_CA_BUNDLE={{ overcloud_ca_path }}' when: overcloud_ca_path is defined -- name: Setup perfkit-venv CA certificate path - lineinfile: - dest: "{{ perfkit_venv }}/bin/activate" - line: 'export REQUESTS_CA_BUNDLE={{ overcloud_ca_path }}' - when: overcloud_ca_path is defined - -- name: Setup rally-venv CA certificate path - lineinfile: - dest: "{{ rally_venv }}/bin/activate" - line: 'export REQUESTS_CA_BUNDLE={{ overcloud_ca_path }}' - when: overcloud_ca_path is defined - -- name: Setup shaker-venv CA certificate path - lineinfile: - dest: "{{ shaker_venv }}/bin/activate" - line: 'export REQUESTS_CA_BUNDLE={{ overcloud_ca_path }}' - when: overcloud_ca_path is defined - - name: Determine if browbeat directory exists already - stat: path={{ browbeat_path }} + stat: + path: "{{ browbeat_path }}" register: browbeat_exists - debug: msg="Browbeat directory exists already." when: browbeat_exists.stat.isdir is defined and browbeat_exists.stat.isdir - name: Clone browbeat on undercloud - git: repo=https://github.com/openstack/browbeat.git dest={{ browbeat_path }} version=master + git: + repo: https://github.com/openstack/browbeat.git + dest: "{{ browbeat_path }}" + version: master when: browbeat_exists.stat.isdir is undefined -- name: Generate hosts and ssh-config on undercloud - shell: . {{ home_dir }}/stackrc; {{ browbeat_path }}/ansible/generate_tripleo_hostfile.sh localhost - when: tripleo +- name: Determine if generate_tripleo_hostfile has been run + stat: + path: "{{ browbeat_path }}/ansible/hosts" + register: hosts_file_exists + +- debug: msg="Hosts file is already generated." + when: hosts_file_exists.stat.exists and hosts_file_exists.stat.isreg + +- name: Generate hosts and ssh-config on Browbeat Machine + shell: . {{ home_dir }}/stackrc; {{ browbeat_path }}/ansible/generate_tripleo_hostfile.sh -t localhost + when: "(tripleo == true and (hosts_file_exists.stat.exists == false or hosts_file_exists.stat.isreg == false))" - name: Move files to correct location command: mv {{ home_dir }}/{{item}} {{ browbeat_path }}/ansible/{{item}} with_items: - hosts - heat-admin-id_rsa + when: "(tripleo == true and (hosts_file_exists.stat.exists == false or hosts_file_exists.stat.isreg == false))" - name: Install requirements.txt into browbeat-venv - pip: requirements={{ browbeat_path }}/requirements.txt virtualenv={{ browbeat_venv }} - -# PerfKitBenchmarker Install -- name: Determine if PerfKitBenchmarker is already cloned - stat: path={{ perfkit_venv }}/PerfKitBenchmarker - register: perfkit_exists - -- debug: msg="PerfKitBenchmarker already exists on the host" - when: perfkit_exists.stat.isdir is defined and perfkit_exists.stat.isdir - -- name: Clone PerfKitBenchmarker on undercloud - git: - repo: https://github.com/GoogleCloudPlatform/PerfKitBenchmarker.git - dest: "{{perfkit_venv}}/PerfKitBenchmarker" - version: "{{perfkit_version}}" - when: perfkit_exists.stat.isdir is undefined - -- name: Install PerfKitBenchmarker requirements into perfkit-venv pip: - requirements: "{{perfkit_venv}}/PerfKitBenchmarker/requirements.txt" - virtualenv: "{{perfkit_venv}}" - -- name: Install PerfKitBenchmarker Openstack requirements into perfkit-venv - pip: - requirements: "{{ perfkit_venv }}/PerfKitBenchmarker/perfkitbenchmarker/providers/openstack/requirements.txt" - virtualenv: "{{perfkit_venv}}" - -# (akrzos) - Using 2.6 seems most stable, Using latest or >2.6 as per PerfKitBenchmarker -# openstack/requirements.txt results in an openstack cli error. -- name: Downgrade python-openstackclient inside perfkit-venv - pip: - name: python-openstackclient - version: 2.6.0 - virtualenv: "{{perfkit_venv}}" -# End PerfKitBenchmarker Install - -- name: Install rally into rally-venv - pip: name=rally version={{ rally_version }} virtualenv={{ rally_venv }} - -- name: Install elasticsearch into rally-venv - pip: name=elasticsearch virtualenv={{ rally_venv }} - -- name: Setup rally database - shell: . {{ rally_venv }}/bin/activate; rally-manage db recreate - -- name: Setup rally deployment - shell: . {{ rally_venv }}/bin/activate; . {{ overcloudrc }}; rally deployment create --fromenv --name overcloud - -- name: Install shaker - pip: name=pyshaker version={{ shaker_version }} virtualenv={{ shaker_venv }} - -# -# Serve results out of httpd if browbeat_results_in_httpd is set to true -# - -- name: Setup browbeat.conf in /etc/httpd/conf.d - template: - src: 00-browbeat.conf.j2 - dest: /etc/httpd/conf.d/00-browbeat.conf - owner: root - group: root - mode: 0644 - become: true - when: browbeat_results_in_httpd - notify: - - restart httpd - -- name: Set seboolean(httpd_read_user_content) - seboolean: name=httpd_read_user_content state=yes persistent=yes - become: true - when: browbeat_results_in_httpd - -- name: Allow httpd to serve content in "{{ home_dir }}" - file: path="{{ home_dir }}" state=directory mode=0755 - when: browbeat_results_in_httpd - -# (akrzos) Port 9000 is already in use by zaqar-server with Newton and thus the fact that likely the -# user will choose a port that is not enabled by selinux to allow httpd to listen, we need to modify -# the ports enabled by selinux for httpd. If the port is already defined you will run into this -# issue if you use the "seport" ansible module: -# https://github.com/ansible/ansible-modules-extras/pull/2694 -# This is not in upstream Ansible releases as of 2.1.1.0 -- name: Allow httpd to listen to port ({{browbeat_results_port}}) - shell: "/usr/sbin/semanage port -m -t http_port_t -p tcp {{browbeat_results_port}}" - become: true - when: browbeat_results_in_httpd - -### Begin Shaker port and browbeat_results_port firewall tasks### -# Firewalld -- name: Determine if firewalld is in use - shell: systemctl is-enabled firewalld.service | egrep -qv 'masked|disabled' - ignore_errors: true - register: firewalld_in_use - no_log: true - tags: - # Skip ANSIBLE0012 Commands should not change things if nothing needs doing - # Need to check if firewall is in use - - skip_ansible_lint - -- name: Determine if firewalld is active - shell: systemctl is-active firewalld.service | egrep -vq 'inactive|unknown' - ignore_errors: true - register: firewalld_is_active - no_log: true - tags: - # Skip ANSIBLE0012 Commands should not change things if nothing needs doing - # Need to check if firewall is active - - skip_ansible_lint - -- name: (shaker) Determine if TCP/{{shaker_port}} is already active - shell: firewall-cmd --list-ports | egrep -q "^{{shaker_port}}/tcp" - ignore_errors: true - register: firewalld_shaker_port_exists - no_log: true - tags: - # Skip ANSIBLE0012 Commands should not change things if nothing needs doing - # Need to check if port is already active - - skip_ansible_lint - -- name: (browbeat_results) Determine if TCP/{{browbeat_results_port}} is already active - shell: firewall-cmd --list-ports | egrep -q "^{{browbeat_results_port}}/tcp" - when: browbeat_results_in_httpd - ignore_errors: true - register: firewalld_browbeat_results_port_exists - no_log: true - tags: - # Skip ANSIBLE0012 Commands should not change things if nothing needs doing - # Need to check if port is already active - - skip_ansible_lint - -# add firewall rule via firewall-cmd -- name: (shaker) Add firewall rule for TCP/{{shaker_port}} (firewalld) - command: "{{ item }}" - with_items: - - firewall-cmd --zone=public --add-port={{shaker_port}}/tcp --permanent - - firewall-cmd --reload - ignore_errors: true - become: true - when: firewalld_in_use.rc == 0 and firewalld_is_active.rc == 0 and firewalld_shaker_port_exists.rc != 0 - -- name: (browbeat_results) Add firewall rule for TCP/{{browbeat_results_port}} (firewalld) - command: "{{ item }}" - with_items: - - firewall-cmd --zone=public --add-port={{browbeat_results_port}}/tcp --permanent - - firewall-cmd --reload - ignore_errors: true - become: true - when: browbeat_results_in_httpd and firewalld_in_use.rc == 0 and firewalld_is_active.rc == 0 and firewalld_browbeat_results_port_exists.rc != 0 - -# iptables-services -- name: (shaker) check firewall rules for TCP/{{shaker_port}} (iptables-services) - shell: grep "dport {{shaker_port}} \-j ACCEPT" /etc/sysconfig/iptables | wc -l - ignore_errors: true - become: true - register: iptables_shaker_port_exists - failed_when: iptables_shaker_port_exists == 127 - no_log: true - tags: - # Skip ANSIBLE0012 Commands should not change things if nothing needs doing - # Need to check if port is already active - - skip_ansible_lint - -- name: (browbeat_results) Check firewall rules for TCP/{{browbeat_results_port}} (iptables-services) - shell: grep "dport {{browbeat_results_port}} \-j ACCEPT" /etc/sysconfig/iptables | wc -l - when: browbeat_results_in_httpd - ignore_errors: true - become: true - register: iptables_browbeat_results_port_exists - failed_when: iptables_browbeat_results_port_exists == 127 - no_log: true - tags: - # Skip ANSIBLE0012 Commands should not change things if nothing needs doing - # Need to check if port is already active - - skip_ansible_lint - -- name: (shaker) Add firewall rule for TCP/{{shaker_port}} (iptables-services) - lineinfile: - dest: /etc/sysconfig/iptables - line: '-A INPUT -p tcp -m tcp --dport {{shaker_port}} -j ACCEPT' - insertbefore: '^-A INPUT -i lo' - backup: yes - become: true - when: firewalld_in_use.rc != 0 and firewalld_is_active.rc != 0 and iptables_shaker_port_exists.stdout|int == 0 - register: iptables_needs_restart - -- name: (browbeat_results) Add firewall rule for TCP/{{browbeat_results_port}} (iptables-services) - lineinfile: - dest: /etc/sysconfig/iptables - line: '-A INPUT -p tcp -m tcp --dport {{browbeat_results_port}} -j ACCEPT' - insertbefore: '^-A INPUT -i lo' - backup: yes - become: true - when: browbeat_results_in_httpd and firewalld_in_use.rc != 0 and firewalld_is_active.rc != 0 and iptables_browbeat_results_port_exists.stdout|int == 0 - register: iptables_needs_restart - -- name: Restart iptables-services (iptables-services) - command: systemctl restart iptables.service - ignore_errors: true - become: true - when: iptables_needs_restart != 0 and firewalld_in_use.rc != 0 and firewalld_is_active.rc != 0 -### end firewall ### - -# -# Obtain and upload images for use with browbeat -# - -- name: Fetch image - get_url: url={{ images[item].url }} dest={{ home_dir }}/{{ item }} - with_items: "{{ images }}" - -- name: Determine if image exists - shell: . {{ overcloudrc }}; openstack image list | grep '{{ item }}' - register: image_exists - ignore_errors: true - changed_when: false - with_items: "{{ images }}" - -- name: Remove image from dictionary of images if image exists - set_fact: images="{{ images|dict_remove(item[0]) }}" - when: "'{{ item[0] }}' in '{{ item[1].stdout }}'" - with_nested: - - "{{ images }}" - - "{{ image_exists.results }}" - -- name: Upload image into cloud (Newton and Ocata versions) - shell: . {{ overcloudrc }}; openstack image create --public --disk-format=qcow2 --container-format=bare {{ item }} < {{ home_dir }}/{{ item }} - ignore_errors: true - with_items: "{{ images }}" - -# -# Add additional flavor to overcloud -# - -# Ignore errors here incase the flavors already exist. -- name: Add flavors to overcloud - shell: . {{ overcloudrc }}; nova flavor-create {{item.name}} auto {{item.memory}} {{item.disk}} {{item.cpu}} - with_items: "{{browbeat_flavors}}" - ignore_errors: true + requirements: "{{ browbeat_path }}/requirements.txt" + virtualenv: "{{ browbeat_venv }}" diff --git a/ansible/install/roles/firewall/tasks/main.yml b/ansible/install/roles/firewall/tasks/main.yml new file mode 100644 index 000000000..bb1b04e18 --- /dev/null +++ b/ansible/install/roles/firewall/tasks/main.yml @@ -0,0 +1,116 @@ +--- +# +# Setup firewalld or iptables for Browbeat +# + +- name: Determine if firewalld is in use + shell: systemctl is-enabled firewalld.service | egrep -qv 'masked|disabled' + ignore_errors: true + register: firewalld_in_use + no_log: true + tags: + # Skip ANSIBLE0012 Commands should not change things if nothing needs doing + # Need to check if firewall is in use + - skip_ansible_lint + +- name: Determine if firewalld is active + shell: systemctl is-active firewalld.service | egrep -vq 'inactive|unknown' + ignore_errors: true + register: firewalld_is_active + no_log: true + tags: + # Skip ANSIBLE0012 Commands should not change things if nothing needs doing + # Need to check if firewall is active + - skip_ansible_lint + +- name: (shaker) Determine if TCP/{{shaker_port}} is already active + shell: firewall-cmd --list-ports | egrep -q "^{{shaker_port}}/tcp" + ignore_errors: true + register: firewalld_shaker_port_exists + no_log: true + tags: + # Skip ANSIBLE0012 Commands should not change things if nothing needs doing + # Need to check if port is already active + - skip_ansible_lint + +- name: (browbeat_results) Determine if TCP/{{browbeat_results_port}} is already active + shell: firewall-cmd --list-ports | egrep -q "^{{browbeat_results_port}}/tcp" + when: browbeat_results_in_httpd + ignore_errors: true + register: firewalld_browbeat_results_port_exists + no_log: true + tags: + # Skip ANSIBLE0012 Commands should not change things if nothing needs doing + # Need to check if port is already active + - skip_ansible_lint + +# add firewall rule via firewall-cmd +- name: (shaker) Add firewall rule for TCP/{{shaker_port}} (firewalld) + command: "{{ item }}" + with_items: + - firewall-cmd --zone=public --add-port={{shaker_port}}/tcp --permanent + - firewall-cmd --reload + ignore_errors: true + become: true + when: firewalld_in_use.rc == 0 and firewalld_is_active.rc == 0 and firewalld_shaker_port_exists.rc != 0 + +- name: (browbeat_results) Add firewall rule for TCP/{{browbeat_results_port}} (firewalld) + command: "{{ item }}" + with_items: + - firewall-cmd --zone=public --add-port={{browbeat_results_port}}/tcp --permanent + - firewall-cmd --reload + ignore_errors: true + become: true + when: browbeat_results_in_httpd and firewalld_in_use.rc == 0 and firewalld_is_active.rc == 0 and firewalld_browbeat_results_port_exists.rc != 0 + +# iptables-services +- name: (shaker) check firewall rules for TCP/{{shaker_port}} (iptables-services) + shell: "grep \"dport {{shaker_port}} \\-j ACCEPT\" {{iptables_file}} | wc -l" + ignore_errors: true + become: true + register: iptables_shaker_port_exists + failed_when: iptables_shaker_port_exists == 127 + no_log: true + tags: + # Skip ANSIBLE0012 Commands should not change things if nothing needs doing + # Need to check if port is already active + - skip_ansible_lint + +- name: (browbeat_results) Check firewall rules for TCP/{{browbeat_results_port}} (iptables-services) + shell: "grep \"dport {{browbeat_results_port}} \\-j ACCEPT\" {{iptables_file}} | wc -l" + when: browbeat_results_in_httpd + ignore_errors: true + become: true + register: iptables_browbeat_results_port_exists + failed_when: iptables_browbeat_results_port_exists == 127 + no_log: true + tags: + # Skip ANSIBLE0012 Commands should not change things if nothing needs doing + # Need to check if port is already active + - skip_ansible_lint + +- name: (shaker) Add firewall rule for TCP/{{shaker_port}} (iptables-services) + lineinfile: + dest: "{{iptables_file}}" + line: '-A INPUT -p tcp -m tcp --dport {{shaker_port}} -j ACCEPT' + insertbefore: '^-A INPUT -i lo' + backup: yes + become: true + when: firewalld_in_use.rc != 0 and firewalld_is_active.rc != 0 and iptables_shaker_port_exists.stdout|int == 0 + register: iptables_needs_restart + +- name: (browbeat_results) Add firewall rule for TCP/{{browbeat_results_port}} (iptables-services) + lineinfile: + dest: "{{iptables_file}}" + line: '-A INPUT -p tcp -m tcp --dport {{browbeat_results_port}} -j ACCEPT' + insertbefore: '^-A INPUT -i lo' + backup: yes + become: true + when: browbeat_results_in_httpd and firewalld_in_use.rc != 0 and firewalld_is_active.rc != 0 and iptables_browbeat_results_port_exists.stdout|int == 0 + register: iptables_needs_restart + +- name: Restart iptables-services (iptables-services) + command: systemctl restart iptables.service + ignore_errors: true + become: true + when: iptables_needs_restart != 0 and firewalld_in_use.rc != 0 and firewalld_is_active.rc != 0 diff --git a/ansible/install/roles/flavors/tasks/main.yml b/ansible/install/roles/flavors/tasks/main.yml new file mode 100644 index 000000000..7d44e891c --- /dev/null +++ b/ansible/install/roles/flavors/tasks/main.yml @@ -0,0 +1,10 @@ +--- +# +# Add flavors to OpenStack Cloud +# + +# Ignore errors here incase the flavors already exist. +- name: Add flavors to overcloud + shell: . {{ browbeat_venv }}/bin/activate; . {{ overcloudrc }}; nova flavor-create {{item.name}} auto {{item.memory}} {{item.disk}} {{item.cpu}} + with_items: "{{browbeat_flavors}}" + ignore_errors: true diff --git a/ansible/install/roles/browbeat/vars/main.yml b/ansible/install/roles/flavors/vars/main.yml similarity index 100% rename from ansible/install/roles/browbeat/vars/main.yml rename to ansible/install/roles/flavors/vars/main.yml diff --git a/ansible/install/roles/images/tasks/main.yml b/ansible/install/roles/images/tasks/main.yml new file mode 100644 index 000000000..dcbd67eff --- /dev/null +++ b/ansible/install/roles/images/tasks/main.yml @@ -0,0 +1,42 @@ +--- +# +# Obtain/Upload images to OpenStack Cloud +# + +- name: Fetch image + get_url: + url: "{{ images[item].url }}" + dest: "{{ home_dir }}/{{ images[item].name }}.{{ images[item].type }}" + with_items: "{{ images }}" + +- name: Determine if image exists + shell: . {{ browbeat_venv }}/bin/activate; . {{ overcloudrc }}; openstack image list | grep '{{ images[item].name }}' + register: image_exists + ignore_errors: true + changed_when: false + with_items: "{{ images }}" + +- name: Remove image from dictionary of images if image exists + set_fact: + images: "{{ images|dict_remove(item[0]) }}" + when: "'{{ item[0] }}' in '{{ item[1].stdout }}'" + with_nested: + - "{{ images }}" + - "{{ image_exists.results }}" + +- name: Convert images to raw + command: qemu-img convert -f {{images[item].type}} -O raw {{ home_dir }}/{{ images[item].name }}.{{ images[item].type }} {{ home_dir }}/{{ images[item].name }}.raw + when: "images[item].convert_to_raw == true" + with_items: "{{ images }}" + +- name: Upload image into cloud (Newton and Ocata versions) + shell: . {{ browbeat_venv }}/bin/activate; . {{ overcloudrc }}; openstack image create --public --disk-format={{ images[item].type }} --container-format=bare {{ images[item].name }} < {{ home_dir }}/{{ images[item].name }}.{{ images[item].type }} + ignore_errors: true + when: "images[item].convert_to_raw == false" + with_items: "{{ images }}" + +- name: Upload raw image into cloud (Newton and Ocata versions) + shell: . {{ browbeat_venv }}/bin/activate; . {{ overcloudrc }}; openstack image create --public --disk-format=raw --container-format=bare {{ images[item].name }} < {{ home_dir }}/{{ images[item].name }}.{{ images[item].type }} + ignore_errors: true + when: "images[item].convert_to_raw == true" + with_items: "{{ images }}" diff --git a/ansible/install/roles/perfkitbenchmarker/tasks/main.yml b/ansible/install/roles/perfkitbenchmarker/tasks/main.yml new file mode 100644 index 000000000..21c4da4b8 --- /dev/null +++ b/ansible/install/roles/perfkitbenchmarker/tasks/main.yml @@ -0,0 +1,46 @@ +--- +# +# Browbeat's PerfKitBenchmarker Install +# + +- name: Create perfkit virtualenv + command: virtualenv {{ perfkit_venv }} creates={{ perfkit_venv }} + +- name: Setup perfkit-venv CA certificate path + lineinfile: + dest: "{{ perfkit_venv }}/bin/activate" + line: 'export REQUESTS_CA_BUNDLE={{ overcloud_ca_path }}' + when: overcloud_ca_path is defined + +- name: Determine if PerfKitBenchmarker is already cloned + stat: + path: "{{ perfkit_venv }}/PerfKitBenchmarker" + register: perfkit_exists + +- debug: msg="PerfKitBenchmarker already exists on the host" + when: perfkit_exists.stat.isdir is defined and perfkit_exists.stat.isdir + +- name: Clone PerfKitBenchmarker on undercloud + git: + repo: https://github.com/GoogleCloudPlatform/PerfKitBenchmarker.git + dest: "{{perfkit_venv}}/PerfKitBenchmarker" + version: "{{perfkit_version}}" + when: perfkit_exists.stat.isdir is undefined + +- name: Install PerfKitBenchmarker requirements into perfkit-venv + pip: + requirements: "{{perfkit_venv}}/PerfKitBenchmarker/requirements.txt" + virtualenv: "{{perfkit_venv}}" + +- name: Install PerfKitBenchmarker Openstack requirements into perfkit-venv + pip: + requirements: "{{ perfkit_venv }}/PerfKitBenchmarker/perfkitbenchmarker/providers/openstack/requirements.txt" + virtualenv: "{{perfkit_venv}}" + +# (akrzos) - Using 2.6 seems most stable, Using latest or >2.6 as per PerfKitBenchmarker +# openstack/requirements.txt results in an openstack cli error. +- name: Downgrade python-openstackclient inside perfkit-venv + pip: + name: python-openstackclient + version: 2.6.0 + virtualenv: "{{perfkit_venv}}" diff --git a/ansible/install/roles/rally/tasks/main.yml b/ansible/install/roles/rally/tasks/main.yml new file mode 100644 index 000000000..5a5a14a6f --- /dev/null +++ b/ansible/install/roles/rally/tasks/main.yml @@ -0,0 +1,43 @@ +--- +# +# Browbeat's Rally Install +# + +- name: Create rally virtualenv + command: virtualenv {{ rally_venv }} creates={{ rally_venv }} + +- name: Rally Add browbeat to Python path + shell: echo 'export PYTHONPATH=$PYTHONPATH:{{ browbeat_path }}/lib' >> {{ rally_venv }}/bin/activate + +- name: Setup rally-venv CA certificate path + lineinfile: + dest: "{{ rally_venv }}/bin/activate" + line: 'export REQUESTS_CA_BUNDLE={{ overcloud_ca_path }}' + when: overcloud_ca_path is defined + +- name: Install rally into rally-venv + pip: + name: rally + version: "{{ rally_version }}" + virtualenv: "{{ rally_venv }}" + +- name: Install elasticsearch into rally-venv + pip: + name: elasticsearch + virtualenv: "{{ rally_venv }}" + +- name: Create rally configuration directory + file: + path: "{{ rally_venv }}/etc/rally" + state: directory + +- name: Setup rally.conf + template: + src: rally.conf.j2 + dest: "{{ rally_venv }}/etc/rally/rally.conf" + +- name: Setup rally database + shell: . {{ rally_venv }}/bin/activate; rally-manage db recreate + +- name: Setup rally deployment + shell: . {{ rally_venv }}/bin/activate; . {{ overcloudrc }}; rally deployment create --fromenv --name overcloud diff --git a/ansible/install/roles/rally/templates/rally.conf.j2 b/ansible/install/roles/rally/templates/rally.conf.j2 new file mode 100644 index 000000000..992a377f4 --- /dev/null +++ b/ansible/install/roles/rally/templates/rally.conf.j2 @@ -0,0 +1,23 @@ +[DEFAULT] +# If set to true, the logging level will be set to DEBUG instead of +# the default INFO level. (boolean value) +# Note: This option can be changed without restarting. +#debug = false + +[benchmark] + +# Server boot timeout (floating point value) +#nova_server_boot_timeout = 300.0 + +[cleanup] +# Number of cleanup threads to run (integer value) +#cleanup_threads = 20 + +[database] +# The SQLAlchemy connection string to use to connect to the database. +# (string value) +# Deprecated group/name - [DEFAULT]/sql_connection +# Deprecated group/name - [DATABASE]/sql_connection +# Deprecated group/name - [sql]/connection +#connection = +connection=sqlite:////tmp/{{browbeat_user}}.sqlite diff --git a/ansible/install/roles/shaker-check/tasks/main.yml b/ansible/install/roles/shaker-check/tasks/main.yml index dfaa2a9b1..e7bbe842f 100644 --- a/ansible/install/roles/shaker-check/tasks/main.yml +++ b/ansible/install/roles/shaker-check/tasks/main.yml @@ -4,7 +4,7 @@ # - name: Check for heat - service: name={{ item }} state=running + service: name={{ item }} state=started become: true with_items: - openstack-heat-api diff --git a/ansible/install/roles/shaker/tasks/main.yml b/ansible/install/roles/shaker/tasks/main.yml new file mode 100644 index 000000000..f55594fa4 --- /dev/null +++ b/ansible/install/roles/shaker/tasks/main.yml @@ -0,0 +1,19 @@ +--- +# +# Browbeat's Shaker Install +# + +- name: Create shaker virtualenv + command: virtualenv {{ shaker_venv }} creates={{ shaker_venv }} + +- name: Setup shaker-venv CA certificate path + lineinfile: + dest: "{{ shaker_venv }}/bin/activate" + line: 'export REQUESTS_CA_BUNDLE={{ overcloud_ca_path }}' + when: overcloud_ca_path is defined + +- name: Install shaker + pip: + name: pyshaker + version: "{{ shaker_version }}" + virtualenv: "{{ shaker_venv }}" diff --git a/ansible/oooq/baremetal-virt-undercloud-tripleo-browbeat.yml b/ansible/oooq/baremetal-virt-undercloud-tripleo-browbeat.yml index 36c856591..2a284098a 100644 --- a/ansible/oooq/baremetal-virt-undercloud-tripleo-browbeat.yml +++ b/ansible/oooq/baremetal-virt-undercloud-tripleo-browbeat.yml @@ -26,6 +26,13 @@ roles: - browbeat/common - browbeat/browbeat + - browbeat/browbeat-results + - browbeat/firewall + - browbeat/perfkitbenchmarker + - browbeat/rally + - browbeat/shaker + - browbeat/flavors + - browbeat/images - browbeat/browbeat-network - browbeat/template-configs - browbeat/statsd-ironic diff --git a/ansible/oooq/quickstart-browbeat.yml b/ansible/oooq/quickstart-browbeat.yml index c82fadffb..24485e5b8 100644 --- a/ansible/oooq/quickstart-browbeat.yml +++ b/ansible/oooq/quickstart-browbeat.yml @@ -15,6 +15,13 @@ roles: - browbeat/common - browbeat/browbeat + - browbeat/browbeat-results + - browbeat/firewall + - browbeat/perfkitbenchmarker + - browbeat/rally + - browbeat/shaker + - browbeat/flavors + - browbeat/images - browbeat/browbeat-network - browbeat/template-configs diff --git a/doc/source/installation.rst b/doc/source/installation.rst index 28046ae38..5f44aaed3 100644 --- a/doc/source/installation.rst +++ b/doc/source/installation.rst @@ -2,136 +2,376 @@ Installation ============ -Installing Browbeat and running the Overcloud checks can be performed -either from your local machine or from the undercloud. The local machine -install/check assumes you have ansible installed already. +Browbeat is currently installed via an ansible playbook. In a Tripleo +environment it can be installed directly on the Undercloud or a separate +machine. The installation can be run from either your local machine or +directly on the machine you want Browbeat installed on. -Before running Browbeat ------------------------ +Install Browbeat on Undercloud +------------------------------ -- Execute the ansible/generate_tripleo_hostfile.sh script (builds ssh-config file) -- Configure browbeat-config.yaml to match your tests -- (Optional) Set your Openstack version metadata in metadata/version.json +This is usually the easiest installation due to many requirements are satified +on the Undercloud. In some cases it may not be desired to install Browbeat on +the Undercloud (Ex. Limited Resource requirements or Non-Tripleo installed +cloud) -Currently Keystone Dashboards only depend on osp_series but may be extended to show -build date in the future, thus build is also provided but not required. You can -add whatever other version related metadata you would like to metadata/version.json. -Typically, whatever automation you have to produce builds should provide this file. +Requirements +~~~~~~~~~~~~ -What is necessary ------------------ +Hardware -- Ansible +* Undercloud Machine (Baremetal or Virtual Machine) - Why? We started with using bash to make changes to the Overcloud, - creating complex sed/awks that we get for free with Ansible (for the - most part). Other monitoring and stress test tools are installed by - the respective playbooks when run. +Networking -Install Browbeat from your local machine ----------------------------------------- +* Access to Public API endpoints +* Access to Keystone Admin Endpoint -From your local machine -~~~~~~~~~~~~~~~~~~~~~~~ +.. note:: For tripleo, public API endpoints are located on the External + Network by default. The Keystone Admin Endpoint is deployed on the ctlplane + network by default. These networking requirements should be validated before + attempting an installation. + +On the Undercloud +~~~~~~~~~~~~~~~~~ :: - $ ssh-copy-id stack@ - $ git clone https://github.com/openstack/browbeat.git - $ cd browbeat/ansible - $ ./generate_tripleo_hostfile.sh - $ vi install/group_vars/all.yml # Make sure to edit the dns_server to the correct ip address - $ ansible-playbook -i hosts install/browbeat.yml - $ vi install/group_vars/all.yml # Edit Browbeat network settings - $ ansible-playbook -i hosts install/browbeat_network.yml # For external access(required to build Shaker image) - $ ansible-playbook -i hosts install/shaker_build.yml - - -.. note:: ``browbeat-network.yml`` might not work for you depending on your - underlay/overlay network setup. In such cases, user needs to create - appropriate networks for instances to allow them to reach the - internet. Some useful documentation can be found at: - https://access.redhat.com/documentation/en/red-hat-openstack-platform/10/\ - single/networking-guide/ - -(Optional) Install collectd -~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -:: - - $ ansible-playbook -i hosts install/collectd-openstack.yml - -(Optional) Install collectd->graphite dashboards -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -:: - - $ ansible-playbook -i hosts install/grafana-dashboards.yml - -(Optional) Install connmon -~~~~~~~~~~~~~~~~~~~~~~~~~~ - -:: - - $ ansible-playbook -i hosts install/connmon.yml - - -Install Browbeat directly on undercloud ---------------------------------------- - -From your undercloud -~~~~~~~~~~~~~~~~~~~~ - -:: - - $ ssh undercloud-root - [root@ospd ~]# su - stack - [stack@ospd ~]$ git clone https://github.com/openstack/browbeat.git - [stack@ospd ~]$ cd browbeat/ansible - [stack@ospd ansible]$ ./generate_tripleo_hostfile.sh localhost - [stack@ospd ansible]$ sudo easy_install pip - [stack@ospd ansible]$ sudo pip install ansible - [stack@ospd ansible]$ vi install/group_vars/all.yml # Make sure to edit the dns_server to the correct ip address - [stack@ospd ansible]$ ansible-playbook -i hosts install/browbeat.yml - [stack@ospd ansible]$ vi install/group_vars/all.yml # Edit Browbeat network settings - [stack@ospd ansible]$ ansible-playbook -i hosts install/browbeat_network.yml # For external access(required to build Shakerimage) - [stack@ospd ansible]$ ansible-playbook -i hosts install/shaker_build.yml + $ ssh undercloud-root + [root@undercloud ~]# su - stack + [stack@undercloud ~]$ git clone https://github.com/openstack/browbeat.git + [stack@undercloud ~]$ cd browbeat/ansible + [stack@undercloud ansible]$ ./generate_tripleo_hostfile.sh -t localhost + [stack@undercloud ansible]$ sudo easy_install pip + [stack@undercloud ansible]$ sudo pip install ansible + [stack@undercloud ansible]$ vi hosts # Uncomment undercloud in first group + [stack@undercloud ansible]$ vi install/group_vars/all.yml # Make sure to edit the dns_server to the correct ip address + [stack@undercloud ansible]$ ansible-playbook -i hosts install/browbeat.yml + [stack@undercloud ansible]$ vi install/group_vars/all.yml # Edit Browbeat network settings + [stack@undercloud ansible]$ ansible-playbook -i hosts install/browbeat_network.yml # For external access(required to build Shakerimage) + [stack@undercloud ansible]$ ansible-playbook -i hosts install/shaker_build.yml .. note:: ``browbeat-network.yml`` might not work for you depending on your underlay/overlay network setup. In such cases, user needs to create appropriate networks for instances to allow them to reach the internet. Some useful documentation can be found at: - https://access.redhat.com/documentation/en/red-hat-openstack-platform/10/\ - single/networking-guide/ + https://access.redhat.com/documentation/en/red-hat-openstack-platform/11/single/networking-guide/ -(Optional) Install collectd +(Optional) Install Collectd ~~~~~~~~~~~~~~~~~~~~~~~~~~~ :: - [stack@ospd ansible]$ ansible-playbook -i hosts install/collectd-openstack.yml + [stack@ospd ansible]$ ansible-playbook -i hosts install/collectd-openstack.yml -(Optional) Install collectd->graphite dashboards -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +(Optional) Install Browbeat Grafana dashboards +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ :: - [stack@ospd ansible]$ ansible-playbook -i hosts install/dashboards-openstack.yml - -(Optional) Install connmon -~~~~~~~~~~~~~~~~~~~~~~~~~~ - -:: - - [stack@ospd ansible]$ ansible-playbook -i hosts install/connmon.yml + [stack@ospd ansible]$ ansible-playbook -i hosts install/dashboards-openstack.yml Run Overcloud checks ~~~~~~~~~~~~~~~~~~~~ :: - [stack@ospd ansible]$ ansible-playbook -i hosts check/site.yml + [stack@ospd ansible]$ ansible-playbook -i hosts check/site.yml Your Overcloud check output is located in results/bug_report.log +Install Browbeat from your local machine +---------------------------------------- + +This installs Browbeat onto your Undercloud but the playbook is run from your +local machine rather than directly on the Undercloud machine. + +From your local machine +~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + $ ssh-copy-id stack@ + $ git clone https://github.com/openstack/browbeat.git + $ cd browbeat/ansible + $ ./generate_tripleo_hostfile.sh -t + $ vi hosts # Uncomment undercloud in first group + $ vi install/group_vars/all.yml # Review and edit configuration items + $ ansible-playbook -i hosts install/browbeat.yml + $ vi install/group_vars/all.yml # Edit Browbeat network settings + $ ansible-playbook -i hosts install/browbeat_network.yml # For external access(required to build Shaker image) + $ ansible-playbook -i hosts install/shaker_build.yml + + +.. note:: ``browbeat-network.yml`` might not work for you depending on your + underlay/overlay network setup. In such cases, user needs to create + appropriate networks for instances to allow them to reach the + internet. Some useful documentation can be found at: + https://access.redhat.com/documentation/en/red-hat-openstack-platform/11/single/networking-guide/ + +(Optional) Install collectd +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + $ ansible-playbook -i hosts install/collectd-openstack.yml + +(Optional) Install Browbeat Grafana dashboards +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + $ ansible-playbook -i hosts install/grafana-dashboards.yml + +Install/Setup Browbeat Machine +------------------------------ + +This setup is used when running Browbeat on a separate machine than the +Undercloud. Using this method, you can create multiple users on the machine +and each user can be pointed at a different cloud or the same cloud. + +Requirements +~~~~~~~~~~~~ + +Hardware + +* Baremetal or Virtual Machine + +Networking + +* Access to Public API endpoints +* Access to Keystone Admin Endpoint + +RPM + +* epel-release +* ansible +* git + +OpenStack + +* overcloudrc file placed in browbeat user home directory + +.. note:: For tripleo, public API endpoints are located on the External + Network by default. The Keystone Admin Endpoint is deployed on the ctlplane + network by default. These networking requirements should be validated before + attempting an installation. + +Preparing the Machine (CentOS 7) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +1. Install Machine either from Image, ISO, or PXE +2. Check for Required Network Connectivity + +Determine Overcloud Keystone endpoints + +:: + + [stack@undercloud-1 ~]$ . overcloudrc + [stack@undercloud-1 ~]$ openstack catalog show identity + +-----------+----------------------------------------+ + | Field | Value | + +-----------+----------------------------------------+ + | endpoints | regionOne | + | | publicURL: http://172.21.0.10:5000 | + | | internalURL: http://172.16.0.16:5000 | + | | adminURL: http://192.168.24.61:35357 | + | | | + | name | keystone | + | type | identity | + +-----------+----------------------------------------+ + +Check network connectivity + +:: + + $ ssh root@browbeatvm + [root@browbeatvm ~]$ # Ping Keystone Admin API IP Address + [root@browbeatvm ~]# ping -c 2 192.168.24.61 + PING 192.168.24.61 (192.168.24.61) 56(84) bytes of data. + 64 bytes from 192.168.24.61: icmp_seq=1 ttl=64 time=1.60 ms + 64 bytes from 192.168.24.61: icmp_seq=2 ttl=64 time=0.312 ms + + --- 192.168.24.61 ping statistics --- + 2 packets transmitted, 2 received, 0% packet loss, time 1001ms + rtt min/avg/max/mdev = 0.312/0.957/1.603/0.646 ms + [root@browbeatvm ~]$ # Ping Keystone Public API IP Address + [root@browbeatvm ~]# ping -c 2 172.21.0.10 + PING 172.21.0.10 (172.21.0.10) 56(84) bytes of data. + 64 bytes from 172.21.0.10: icmp_seq=1 ttl=64 time=0.947 ms + 64 bytes from 172.21.0.10: icmp_seq=2 ttl=64 time=0.304 ms + + --- 172.21.0.10 ping statistics --- + 2 packets transmitted, 2 received, 0% packet loss, time 1001ms + rtt min/avg/max/mdev = 0.304/0.625/0.947/0.322 ms + +3. Create user for Browbeat and generate SSH key + +:: + + [root@browbeatvm ~]# useradd browbeat1 + [root@browbeatvm ~]# passwd browbeat1 + Changing password for user browbeat1. + New password: + Retype new password: + passwd: all authentication tokens updated successfully. + [root@browbeatvm ~]# echo "browbeat1 ALL=(root) NOPASSWD:ALL" | tee -a /etc/sudoers.d/browbeat1; chmod 0440 /etc/sudoers.d/browbeat1 + browbeat1 ALL=(root) NOPASSWD:ALL + [root@browbeatvm ~]# su - browbeat1 + [browbeat1@browbeatvm ~]$ ssh-keygen + Generating public/private rsa key pair. + Enter file in which to save the key (/home/browbeat1/.ssh/id_rsa): + Enter passphrase (empty for no passphrase): + Enter same passphrase again: + Your identification has been saved in /home/browbeat1/.ssh/id_rsa. + Your public key has been saved in /home/browbeat1/.ssh/id_rsa.pub. + The key fingerprint is: + c2:b2:f0:cd:ef:d2:2b:a8:9a:5a:bb:ca:ce:c1:8c:3b browbeat1@browbeatvm + The key's randomart image is: + +--[ RSA 2048]----+ + | | + | | + | | + | . | + | . . o S | + |+ o = . | + |.+. o.o. | + |E+... o.. | + |OB+o ++. | + +-----------------+ + + +4. Enable passwordless SSH into localhost and Undercloud then copy overcloudrc over to Browbeat VM + +:: + + [browbeat1@browbeatvm ansible]$ ssh-copy-id browbeat1@localhost + /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed + /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys + browbeat1@localhost's password: + + Number of key(s) added: 1 + + Now try logging into the machine, with: "ssh 'browbeat1@localhost'" + and check to make sure that only the key(s) you wanted were added. + + [browbeat1@browbeatvm ~]$ ssh-copy-id stack@undercloud-1 + The authenticity of host 'undercloud-1 (undercloud-1)' can't be established. + ECDSA key fingerprint is fa:3a:02:e8:8e:92:4d:a7:9c:90:68:6a:c2:eb:fe:e1. + Are you sure you want to continue connecting (yes/no)? yes + /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed + /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys + stack@undercloud-1's password: + + Number of key(s) added: 1 + + Now try logging into the machine, with: "ssh 'stack@undercloud-1'" + and check to make sure that only the key(s) you wanted were added. + + [browbeat1@browbeatvm ~]$ scp stack@undercloud-1:/home/stack/overcloudrc . + overcloudrc 100% 553 0.5KB/s 00:00 + +5. Install RPM requirements + +:: + + [browbeat1@browbeatvm ~]$ sudo yum install -y epel-release + [browbeat1@browbeatvm ~]$ sudo yum install -y ansible git + +6. Clone Browbeat + +:: + + [browbeatuser1@browbeat-vm ~]$ git clone https://github.com/openstack/browbeat.git + Cloning into 'browbeat'... + remote: Counting objects: 7425, done. + remote: Compressing objects: 100% (15/15), done. + remote: Total 7425 (delta 14), reused 12 (delta 12), pack-reused 7398 + Receiving objects: 100% (7425/7425), 5.23 MiB | 0 bytes/s, done. + Resolving deltas: 100% (4280/4280), done. + +7. Generate hosts, ssh-config, and retrieve heat-admin-id_rsa. Then uncomment + "localhost" under Browbeat Hosts Group + +:: + + [browbeat1@browbeatvm ~]$ cd browbeat/ansible/ + [browbeat1@browbeatvm ansible]$ ./generate_tripleo_hostfile.sh -t undercloud-1 --localhost + ... + [browbeat1@browbeatvm ansible]$ ls ssh-config hosts heat-admin-id_rsa + heat-admin-id_rsa hosts ssh-config + +Note use of "--localhost" to indicate the desire to install browbeat on the +localhost rather than the undercloud. + +8. Edit installation variables + +:: + + [browbeat1@browbeatvm ansible]$ vi install/group_vars/all.yml + +In this case, adjust browbeat_user, iptables_file and dns_server. Each +environment is different and thus your configuration options will vary. + +9. Run Browbeat install playbook + +:: + + [browbeat1@browbeatvm ansible]$ ansible-playbook -i hosts install/browbeat.yml + +10. Setup browbeat-config.yaml and test run Rally against cloud + +:: + + [browbeat1@browbeatvm ansible]$ cd .. + [browbeat1@browbeatvm browbeat]$ vi browbeat-config.yaml + [browbeat1@browbeatvm browbeat]$ . ../browbeat-venv/bin/activate + (browbeat-venv) [browbeat1@browbeatvm browbeat]$ python browbeat.py rally + +Make sure to modify the venv settings for Rally to match the directory in which +Rally was installed in. You will have to do so for other workload providers as +well. + +11. Setup network for Shaker+PerfKitBenchmarker and build Shaker image + +:: + + [browbeatuser1@browbeat-vm ~]$ vi install/group_vars/all.yml # Edit Browbeat network settings + [browbeatuser1@browbeat-vm ~]$ ansible-playbook -i hosts install/browbeat_network.yml # For external access(required to build Shaker image) + [browbeatuser1@browbeat-vm ~]$ ansible-playbook -i hosts install/shaker_build.yml + +.. note:: ``browbeat-network.yml`` might not work for you depending on your + underlay/overlay network setup. In such cases, user needs to create + appropriate networks for instances to allow them to reach the + internet. Some useful documentation can be found at: + https://access.redhat.com/documentation/en/red-hat-openstack-platform/11/single/networking-guide/ + +(Optional) Install collectd +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + [browbeatuser1@browbeat-vm ~]$ ansible-playbook -i hosts install/collectd-openstack.yml + +(Optional) Install Browbeat Grafana dashboards +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + [browbeatuser1@browbeat-vm ~]$ ansible-playbook -i hosts install/grafana-dashboards.yml + + +Considerations for additional Browbeat Installs +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +If it is desired to run Browbeat against multiple clouds from the same machine. +It is recommended to create a second user (Ex. browbeat2) and repeat above +instructions. In order to expose the second user's Browbeat results via httpd, +change the port (Variable browbeat_results_port) and thus each user's results +will be available via http on different ports. + +.. note:: Keep in mind that running multiple sets of control plane workloads + from multiple Browbeat users at the same time will introduce variation into + resulting performance data if the machine on which Browbeat is installed is + resource constrained. diff --git a/doc/source/usage.rst b/doc/source/usage.rst index b06f3a088..576af58de 100644 --- a/doc/source/usage.rst +++ b/doc/source/usage.rst @@ -174,7 +174,7 @@ per-cloud and clone Browbeat into that specific directory: [browbeat@laptop cloud01]$ git clone git@github.com:openstack/browbeat.git ... [browbeat@laptop cloud01]$ cd browbeat/ansible - [browbeat@laptop ansible]$ ./generate_tripleo_hostfile.sh + [browbeat@laptop ansible]$ ./generate_tripleo_hostfile.sh -t [browbeat@laptop ansible]$ ansible-playbook -i hosts (Your playbook you wish to run...) [browbeat@laptop ansible]$ ssh -F ssh-config overcloud-controller-0 # Takes you to first controller diff --git a/metadata/version.json b/metadata/version.json index c6f4a513c..51fc88c84 100644 --- a/metadata/version.json +++ b/metadata/version.json @@ -1,4 +1,4 @@ { - "osp_series": "newton", - "build": "2016-09-01.1" + "osp_series": "ocata", + "build": "2017-XX-XX.X" } diff --git a/requirements.txt b/requirements.txt index 3f80fc665..4141cc9c2 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,5 @@ ansible==2.2.0.0 -python-dateutil==2.4.2 -pykwalify elasticsearch +python-dateutil==2.4.2 +python-openstackclient==3.11.0 +pykwalify