Update MNAIO for Focal
This patch removes legacy support for 14.04/16.04/18.04 on the deploy node and moves the default deploy to Xena on 20.04 LTS. Root disk size has been bumped to support upgrades (8 GB -> 12 GB). Change-Id: I81a13464b9daa90090cb380e2b0d89e5eb8fe89a
parent
5c1bd46f91
commit
ab91446804
@ -1,6 +1,6 @@
|
||||
OpenStack-Ansible Multi-Node AIO
|
||||
################################
|
||||
:date: 2016-03-09
|
||||
:date: 2022-01-12
|
||||
:tags: rackspace, openstack, ansible
|
||||
:category: \*openstack, \*nix
|
||||
|
||||
@ -20,7 +20,7 @@ Process
|
||||
-------
|
||||
|
||||
Create at least one physical host that has public network access and is running
|
||||
an Ubuntu 14.04/16.04/18.04 LTS Operating system. System assumes that you have an
|
||||
an Ubuntu 20.04 LTS Operating system. System assumes that you have an
|
||||
unpartitioned device with at least 1TB of storage, however you can customize the
|
||||
size of each VM volume by setting the option ``${VM_DISK_SIZE}``. If you're
|
||||
using the Rackspace OnMetal servers the drive partitioning will be done for you
|
||||
@ -55,8 +55,6 @@ Physical Host Specs known to work well
|
||||
20 124GB 1.3TB
|
||||
=========== ======== ============
|
||||
|
||||
These specs are covered by the Rackspace OnMetal-IO v1/2 Servers.
|
||||
|
||||
Deployments default to the ML2/LinuxBridge network plugin. Available options
|
||||
at this time include:
|
||||
|
||||
@ -80,6 +78,14 @@ to executing the build:
|
||||
export MNAIO_ANSIBLE_PARAMETERS="-e osa_enable_networking_ovs_dvr=true"
|
||||
./build.sh
|
||||
|
||||
To deploy an MNAIO without LXC, set the following parameter(s) prior
|
||||
to executing the build:
|
||||
|
||||
.. code-block:: bash
|
||||
|
||||
export MNAIO_ANSIBLE_PARAMETERS="-e osa_no_containers=true"
|
||||
./build.sh
|
||||
|
||||
When your ready, run the build script by executing ``bash ./build.sh``. The
|
||||
build script current executes a deployment of OpenStack Ansible using the master
|
||||
branch. If you want to do something other than deploy master you can set the
|
||||
@ -157,8 +163,8 @@ Instruct the system do all of the required DHCPD setup:
|
||||
Instruct the system to Kick all of the VMs:
|
||||
``DEPLOY_VMS=${DEPLOY_VMS:-true}``
|
||||
|
||||
Instruct the VM to use the selected image, eg. ubuntu-16.04-amd64:
|
||||
``DEFAULT_IMAGE=${DEFAULT_IMAGE:-ubuntu-16.04-amd64}``
|
||||
Instruct the VM to use the selected image, eg. ubuntu-18.04-amd64:
|
||||
``DEFAULT_IMAGE=${DEFAULT_IMAGE:-ubuntu-18.04-amd64}``
|
||||
|
||||
Instruct the VM to use the selected kernel meta package, eg. linux-generic:
|
||||
``DEFAULT_KERNEL=${DEFAULT_KERNEL:-linux-image-generic}``
|
||||
|
@ -27,18 +27,15 @@ build-essential [platform:dpkg]
|
||||
git-core [platform:dpkg]
|
||||
libssl-dev [platform:dpkg]
|
||||
libffi-dev [platform:dpkg]
|
||||
python2.7 [platform:dpkg]
|
||||
python-apt [platform:dpkg]
|
||||
python-dev [platform:dpkg]
|
||||
python3 [platform:dpkg]
|
||||
python3-apt [platform:dpkg]
|
||||
python3-dev [platform:dpkg]
|
||||
|
||||
# Base requirements for RPM distros
|
||||
gcc [platform:rpm]
|
||||
gcc-c++ [platform:rpm]
|
||||
git [platform:rpm]
|
||||
libffi-devel [platform:rpm !platform:opensuseproject-42]
|
||||
libffi-devel-gcc5 [platform:opensuseproject-42]
|
||||
openssl-devel [platform:redhat]
|
||||
libopenssl-devel [platform:suse]
|
||||
python-devel [platform:rpm]
|
||||
python2-dnf [platform:fedora]
|
||||
|
||||
@ -49,15 +46,12 @@ libsemanage-python [platform:redhat]
|
||||
# For SSL SNI support
|
||||
python-pyasn1 [platform:dpkg platform:suse]
|
||||
python-openssl [platform:dpkg]
|
||||
python-ndg-httpsclient [platform:ubuntu !platform:ubuntu-14]
|
||||
python3-ndg-httpsclient [platform:ubuntu]
|
||||
python2-pyasn1 [platform:redhat]
|
||||
python2-pyOpenSSL [platform:redhat !platform:fedora]
|
||||
pyOpenSSL [platform:fedora]
|
||||
python-pyOpenSSL [platform:opensuseproject-42]
|
||||
python2-pyOpenSSL [platform:suse !platform:opensuseproject-42]
|
||||
python-ndg_httpsclient [platform:redhat !platform:fedora]
|
||||
python2-ndg_httpsclient [platform:fedora]
|
||||
python-ndg-httpsclient [platform:suse]
|
||||
|
||||
# Required for compressing collected log files in CI
|
||||
gzip
|
||||
|
@ -20,11 +20,7 @@ BINDEP_FILE=${BINDEP_FILE:-bindep.txt}
|
||||
|
||||
# We use the OSA branch variable to pin both the plugins
|
||||
# and the ansible version used to work together.
|
||||
# TODO(odyssey4me):
|
||||
# Switch this to use the master branch once the following
|
||||
# bug is fixed.
|
||||
# https://github.com/ansible/ansible/issues/47301
|
||||
export OSA_DEPS_BRANCH=${OSA_DEPS_BRANCH:-stable/rocky}
|
||||
export OSA_DEPS_BRANCH=${OSA_DEPS_BRANCH:-master}
|
||||
|
||||
source /etc/os-release || source /usr/lib/os-release
|
||||
|
||||
|
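Review bot: The new default `OSA_DEPS_BRANCH=${OSA_DEPS_BRANCH:-master}` follows a moving branch, while the comment kept directly above it still says the variable is used to pin the plugins and the Ansible version, and the commit description speaks of a Xena default. With `master`, each bootstrap takes whatever the branch head is at that moment, so two runs can install different tooling and nothing records which revision was used. If tracking master is intended, the comment should say so, for example `# Defaults to master (unpinned); set OSA_DEPS_BRANCH to a stable branch or tag for reproducible runs.`; otherwise the default should be the matching stable branch. How the variable is consumed lies outside this hunk.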
@ -42,7 +42,7 @@ ansible-playbook -vv \
|
||||
-e osa_branch=${OSA_BRANCH:-"master"} \
|
||||
-e os_ops_branch=${OS_OPS_BRANCH:-"master"} \
|
||||
-e default_network=${DEFAULT_NETWORK:-"eth0"} \
|
||||
-e default_image=${DEFAULT_IMAGE:-"ubuntu-18.04-amd64"} \
|
||||
-e default_image=${DEFAULT_IMAGE:-"ubuntu-20.04-amd64"} \
|
||||
-e vm_disk_size=${VM_DISK_SIZE:-92160} \
|
||||
-e http_proxy=${http_proxy:-''} \
|
||||
-e run_osa=${RUN_OSA:-"true"} \
|
||||
|
@ -114,32 +114,6 @@
|
||||
set_fact:
|
||||
network_setup: "{{ images[default_vm_image]['network_setup'] }}"
|
||||
|
||||
# ENI Block
|
||||
- name: Generate guest networking scripts for /e/n/i family
|
||||
template:
|
||||
src: "pxe/configs/eni/vm-bridges.cfg.j2"
|
||||
dest: /var/www/pxe/networking/{{ hostvars[item]['server_hostname'] }}-bridges.cfg
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
with_items: "{{ groups['pxe_servers'] }}"
|
||||
when: network_setup | lower == "eni"
|
||||
|
||||
- name: Generate post-install network scripts for /e/n/i family
|
||||
template:
|
||||
src: "pxe/configs/eni/{{ item.src }}"
|
||||
dest: /var/www/pxe/{{ item.dir }}/{{ item.dest }}
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
with_items:
|
||||
- src: basic-interface.cfg
|
||||
dest: basic-debian-interface.cfg
|
||||
dir: networking
|
||||
- src: eni-post-network-script.sh.j2
|
||||
dest: vm-post-network-script.sh
|
||||
dir: scripts
|
||||
when: network_setup | lower == "eni"
|
||||
|
||||
# Systemd-networkd Block
|
||||
- name: Generate vm network scripts for systemd-network family
|
||||
|
@ -249,25 +249,6 @@
|
||||
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
|
||||
|
||||
|
||||
# In vm-post-install-script.sh.j2 we chattr +i the interfaces file to prevent
|
||||
# the preseed system from overwriting the file after we've modified it. The
|
||||
# task below simply removes the immutable attribute.
|
||||
- name: Remove immutable attr from /etc/network/interfaces
|
||||
hosts: vm_servers
|
||||
gather_facts: true
|
||||
environment: "{{ deployment_environment_variables | default({}) }}"
|
||||
tags:
|
||||
- deploy-vms
|
||||
tasks:
|
||||
- name: Remove immutable attr from /etc/network/interfaces
|
||||
file:
|
||||
path: /etc/network/interfaces
|
||||
attr: ""
|
||||
when:
|
||||
- ansible_distribution | lower == "ubuntu"
|
||||
- ansible_distribution_release | lower == "trusty"
|
||||
|
||||
|
||||
- name: Set MaxSessions and MaxStartups to reduce connection failures
|
||||
hosts: vm_servers
|
||||
gather_facts: "{{ gather_facts | default(true) }}"
|
||||
@ -363,6 +344,12 @@
|
||||
size: "100%FREE"
|
||||
shrink: false
|
||||
|
||||
- name: Modify scan_lvs for nested vg
|
||||
replace:
|
||||
path: /etc/lvm/lvm.conf
|
||||
regexp: "scan_lvs = 0"
|
||||
replace: "scan_lvs = 1"
|
||||
|
||||
- name: Create data cinder-volumes VG
|
||||
lvg:
|
||||
vg: cinder-volumes
|
||||
|
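Review bot: The `Modify scan_lvs for nested vg` task matches the literal text `scan_lvs = 0` with an unanchored pattern, so a commented-out default would be rewritten but stay commented, and a line with different spacing is silently skipped. In either case the `cinder-volumes` VG task that follows would run with LV scanning still disabled; whether the shipped lvm.conf carries the option as a comment is not visible here. An anchored pattern that also drops the comment marker is more robust: `regexp: '^(\s*)#?\s*scan_lvs\s*=\s*0'` with `replace: '\1scan_lvs = 1'`. A one-line comment on the task saying why scanning is enabled would also help, since the setting makes LVM look for PV signatures inside logical volumes. The play containing this task starts outside the hunk.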
@ -12,13 +12,13 @@
|
||||
# limitations under the License.
|
||||
|
||||
default_interface: "{{ default_network | default('eth0') }}"
|
||||
default_vm_image: "{{ default_image | default('ubuntu-16.04-amd64') }}"
|
||||
default_vm_image: "{{ default_image | default('ubuntu-20.04-amd64') }}"
|
||||
default_vm_storage: "{{ vm_disk_size | default(92160) }}"
|
||||
default_vm_root_disk_size: 8192
|
||||
default_vm_root_disk_size: 12288
|
||||
default_acng_bind_address: 0.0.0.0
|
||||
default_os_families:
|
||||
ubuntu-16.04-amd64: debian
|
||||
ubuntu-14.04-amd64: debian
|
||||
ubuntu-20.04-amd64: debian
|
||||
ubuntu-18.04-amd64: debian
|
||||
|
||||
default_ubuntu_kernel: linux-generic
|
||||
default_ubuntu_mirror_proxy: 'http://10.0.2.1:3142/'
|
||||
@ -44,6 +44,21 @@ tftp_port: 69
|
||||
|
||||
# Default ISO images
|
||||
images:
|
||||
ubuntu-20.04-amd64:
|
||||
image_type: "debian"
|
||||
network_setup: "systemd-networkd"
|
||||
image_os: "ubuntu"
|
||||
image-version: "focal"
|
||||
image_kernel_options: "biosdevname=0 net.ifnames=0 auto=true priority=critical"
|
||||
image_netboot_kernel_url: "http://archive.ubuntu.com/ubuntu/dists/focal-updates/main/installer-amd64/current/legacy-images/netboot/ubuntu-installer/amd64/linux"
|
||||
image_netboot_initrd_url: "http://archive.ubuntu.com/ubuntu/dists/focal-updates/main/installer-amd64/current/legacy-images/netboot/ubuntu-installer/amd64/initrd.gz"
|
||||
image_configs:
|
||||
vm:
|
||||
url: "http://{{ tftp_server }}/configs/vm.config"
|
||||
template_name: "vm.config"
|
||||
vm-compute:
|
||||
url: "http://{{ tftp_server }}/configs/vm-compute.config"
|
||||
template_name: "vm-compute.config"
|
||||
ubuntu-18.04-amd64:
|
||||
image_type: "debian"
|
||||
network_setup: "systemd-networkd"
|
||||
@ -59,51 +74,6 @@ images:
|
||||
vm-compute:
|
||||
url: "http://{{ tftp_server }}/configs/vm-compute.config"
|
||||
template_name: "vm-compute.config"
|
||||
ubuntu-16.04-amd64:
|
||||
image_type: "debian"
|
||||
network_setup: "eni"
|
||||
image_os: "ubuntu"
|
||||
image-version: "xenial"
|
||||
image_kernel_options: "biosdevname=0 net.ifnames=0 auto=true priority=critical"
|
||||
image_netboot_kernel_url: "http://archive.ubuntu.com/ubuntu/dists/xenial-updates/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/linux"
|
||||
image_netboot_initrd_url: "http://archive.ubuntu.com/ubuntu/dists/xenial-updates/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/initrd.gz"
|
||||
image_configs:
|
||||
vm:
|
||||
url: "http://{{ tftp_server }}/configs/vm.config"
|
||||
template_name: "vm.config"
|
||||
vm-compute:
|
||||
url: "http://{{ tftp_server }}/configs/vm-compute.config"
|
||||
template_name: "vm-compute.config"
|
||||
ubuntu-14.04-amd64:
|
||||
image_type: "debian"
|
||||
network_setup: "eni"
|
||||
image_os: "ubuntu"
|
||||
image_version: "trusty"
|
||||
image_kernel_options: "biosdevname=0 net.ifnames=0 auto=true priority=critical quiet splash"
|
||||
image_netboot_kernel_url: "http://archive.ubuntu.com/ubuntu/dists/trusty-updates/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/linux"
|
||||
image_netboot_initrd_url: "http://archive.ubuntu.com/ubuntu/dists/trusty-updates/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/initrd.gz"
|
||||
image_configs:
|
||||
vm:
|
||||
url: "http://{{ tftp_server }}/configs/vm.config"
|
||||
template_name: "vm.config"
|
||||
vm-compute:
|
||||
url: "http://{{ tftp_server }}/configs/vm-compute.config"
|
||||
template_name: "vm-compute.config"
|
||||
centos-7-amd64:
|
||||
image_type: "redhat"
|
||||
network_setup: "systemd-networkd"
|
||||
image_version: 7
|
||||
image_netboot_kernel_url: "http://mirrors.edge.kernel.org/centos/7/os/x86_64/images/pxeboot/vmlinuz"
|
||||
image_netboot_initrd_url: "http://mirrors.edge.kernel.org/centos/7/os/x86_64/images/pxeboot/initrd.img"
|
||||
image_repo_base_url: "http://mirrors.edge.kernel.org/centos/7"
|
||||
image_kernel_options: ""
|
||||
image_configs:
|
||||
vm:
|
||||
url: "http://{{ tftp_server }}/configs/vm.config"
|
||||
template_name: "vm.config"
|
||||
vm-compute:
|
||||
url: "http://{{ tftp_server }}/configs/vm-compute.config"
|
||||
template_name: "vm-compute.config"
|
||||
|
||||
# mnaio_data_disk: 'sdc' # str - not required, set this to define a given data disk if no data disk
|
||||
# is defined the largest unpartitioned disk will be used.
|
||||
|
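Review bot: The new `ubuntu-20.04-amd64` entry takes `image_netboot_kernel_url` and `image_netboot_initrd_url` from plain `http://archive.ubuntu.com/...` and no checksum appears in this hunk, so whatever arrives over the unauthenticated connection is what every VM boots. The same applies to the `Cirros-0.5.2` image URL in the default images list later in this commit, which stays on `http://` while the other new entries use `https://`. Using HTTPS where the mirror offers it, or verifying the files against the published SHA256SUMS, would close this; the download task is outside this hunk, so a check may already exist there. Separately, the entry spells its key `image-version` while the removed trusty entry and `centos-7-amd64` use `image_version`; if anything reads `image_version`, it will not resolve for focal.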
@ -16,6 +16,9 @@ used_ips:
|
||||
global_overrides:
|
||||
internal_lb_vip_address: "{{ internal_lb_vip_address | default(hostvars[groups['loadbalancer_hosts'][0]]['server_networks']['mgmt']['address'].split('/')[0]) }}"
|
||||
external_lb_vip_address: "{{ external_lb_vip_address | default(hostvars[groups['loadbalancer_hosts'][0]]['server_vm_fixed_addr']) }}"
|
||||
{% if osa_no_containers | bool %}
|
||||
no_containers: True
|
||||
{% endif %}
|
||||
tunnel_bridge: "br-vxlan"
|
||||
management_bridge: "br-mgmt"
|
||||
provider_networks:
|
||||
|
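Review bot: `{% if osa_no_containers | bool %}` is evaluated on every render, but the README text added in this commit sets `osa_no_containers` only when a deployment without LXC is wanted. Unless a default is defined in vars outside this hunk, the ordinary path would hit an undefined variable while templating. `{% if osa_no_containers | default(false) | bool %}` makes the default explicit and keeps the file renderable without the extra `-e` parameter.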
@ -1,172 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Load service variables
|
||||
source /root/openrc
|
||||
|
||||
# Provide defaults for unset variables
|
||||
# Set first two octets of network used for containers, storage, etc
|
||||
NETWORK_BASE=${NETWORK_BASE:-172.29}
|
||||
|
||||
# Create base flavors for the new deployment
|
||||
for flavor in micro tiny mini small medium large xlarge heavy; do
|
||||
NAME="m1.${flavor}"
|
||||
ID="${ID:-0}"
|
||||
RAM="${RAM:-256}"
|
||||
DISK="${DISK:-1}"
|
||||
VCPU="${VCPU:-1}"
|
||||
SWAP="${SWAP:-0}"
|
||||
EPHEMERAL="${EPHEMERAL:-0}"
|
||||
nova flavor-delete $ID > /dev/null || echo "No Flavor with ID: [ $ID ] found to clean up"
|
||||
nova flavor-create $NAME $ID $RAM $DISK $VCPU --swap $SWAP --is-public true --ephemeral $EPHEMERAL --rxtx-factor 1
|
||||
let ID=ID+1
|
||||
let RAM=RAM*2
|
||||
if [ "$ID" -gt 5 ];then
|
||||
let VCPU=VCPU*2
|
||||
let DISK=DISK*2
|
||||
let EPHEMERAL=256
|
||||
let SWAP=4
|
||||
elif [ "$ID" -gt 4 ];then
|
||||
let VCPU=VCPU*2
|
||||
let DISK=DISK*4+$DISK
|
||||
let EPHEMERAL=$DISK/2
|
||||
let SWAP=4
|
||||
elif [ "$ID" -gt 3 ];then
|
||||
let VCPU=VCPU*2
|
||||
let DISK=DISK*4+$DISK
|
||||
let EPHEMERAL=$DISK/3
|
||||
let SWAP=4
|
||||
elif [ "$ID" -gt 2 ];then
|
||||
let VCPU=VCPU+$VCPU/2
|
||||
let DISK=DISK*4
|
||||
let EPHEMERAL=$DISK/3
|
||||
let SWAP=4
|
||||
elif [ "$ID" -gt 1 ];then
|
||||
let VCPU=VCPU+1
|
||||
let DISK=DISK*2+$DISK
|
||||
fi
|
||||
done
|
||||
|
||||
# Neutron provider network setup
|
||||
neutron net-create GATEWAY_NET \
|
||||
--router:external=True \
|
||||
--provider:physical_network=flat \
|
||||
--provider:network_type=flat
|
||||
|
||||
neutron subnet-create GATEWAY_NET ${NETWORK_BASE}.248.0/22 \
|
||||
--name GATEWAY_NET_SUBNET \
|
||||
--gateway ${NETWORK_BASE}.248.1 \
|
||||
--allocation-pool start=${NETWORK_BASE}.248.201,end=${NETWORK_BASE}.248.255 \
|
||||
--dns-nameservers list=true ${DNS_NAMESERVER:-8.8.8.8}
|
||||
|
||||
# Neutron private network setup
|
||||
neutron net-create PRIVATE_NET \
|
||||
--shared \
|
||||
--router:external=True \
|
||||
--provider:network_type=vxlan \
|
||||
--provider:segmentation_id 101
|
||||
|
||||
neutron subnet-create PRIVATE_NET 192.168.0.0/24 \
|
||||
--name PRIVATE_NET_SUBNET
|
||||
|
||||
# Neutron router setup
|
||||
ROUTER_ID=$(neutron router-create GATEWAY_NET_ROUTER | grep -w id | awk '{print $4}')
|
||||
neutron router-gateway-set \
|
||||
${ROUTER_ID} \
|
||||
$(neutron net-list | awk '/GATEWAY_NET/ {print $2}')
|
||||
|
||||
neutron router-interface-add \
|
||||
${ROUTER_ID} \
|
||||
$(neutron subnet-list | awk '/PRIVATE_NET_SUBNET/ {print $2}')
|
||||
|
||||
# Neutron security group setup
|
||||
for id in $(neutron security-group-list -f yaml | awk '/- id\:/ {print $3}'); do
|
||||
# Allow ICMP
|
||||
neutron security-group-rule-create --protocol icmp \
|
||||
--direction ingress \
|
||||
$id || true
|
||||
# Allow all TCP
|
||||
neutron security-group-rule-create --protocol tcp \
|
||||
--port-range-min 1 \
|
||||
--port-range-max 65535 \
|
||||
--direction ingress \
|
||||
$id || true
|
||||
# Allow all UDP
|
||||
neutron security-group-rule-create --protocol udp \
|
||||
--port-range-min 1 \
|
||||
--port-range-max 65535 -\
|
||||
-direction ingress \
|
||||
$id || true
|
||||
done
|
||||
|
||||
# Create some default images
|
||||
wget http://uec-images.ubuntu.com/releases/14.04/release/ubuntu-14.04-server-cloudimg-amd64-disk1.img
|
||||
glance image-create --name 'Ubuntu 14.04 LTS' \
|
||||
--container-format bare \
|
||||
--disk-format qcow2 \
|
||||
--visibility public \
|
||||
--progress \
|
||||
--file ubuntu-14.04-server-cloudimg-amd64-disk1.img
|
||||
rm ubuntu-14.04-server-cloudimg-amd64-disk1.img
|
||||
|
||||
wget http://uec-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-amd64-disk1.img
|
||||
glance image-create --name 'Ubuntu 16.04' \
|
||||
--container-format bare \
|
||||
--disk-format qcow2 \
|
||||
--visibility public \
|
||||
--progress \
|
||||
--file ubuntu-16.04-server-cloudimg-amd64-disk1.img
|
||||
rm ubuntu-16.04-server-cloudimg-amd64-disk1.img
|
||||
|
||||
wget http://dfw.mirror.rackspace.com/fedora/releases/24/CloudImages/x86_64/images/Fedora-Cloud-Base-24-1.2.x86_64.qcow2
|
||||
glance image-create --name 'Fedora 24' \
|
||||
--container-format bare \
|
||||
--disk-format qcow2 \
|
||||
--visibility public \
|
||||
--progress \
|
||||
--file Fedora-Cloud-Base-24-1.2.x86_64.qcow2
|
||||
rm Fedora-Cloud-Base-24-1.2.x86_64.qcow2
|
||||
|
||||
wget http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2
|
||||
glance image-create --name 'CentOS 7' \
|
||||
--container-format bare \
|
||||
--disk-format qcow2 \
|
||||
--visibility public \
|
||||
--progress \
|
||||
--file CentOS-7-x86_64-GenericCloud.qcow2
|
||||
rm CentOS-7-x86_64-GenericCloud.qcow2
|
||||
|
||||
wget http://download.opensuse.org/repositories/Cloud:/Images:/Leap_42.1/images/openSUSE-Leap-42.1-OpenStack.x86_64-0.0.4-Build2.12.qcow2
|
||||
glance image-create --name 'OpenSuse Leap 42' \
|
||||
--container-format bare \
|
||||
--disk-format qcow2 \
|
||||
--visibility public \
|
||||
--progress \
|
||||
--file openSUSE-Leap-42.1-OpenStack.x86_64-0.0.4-Build2.12.qcow2
|
||||
rm openSUSE-Leap-42.1-OpenStack.x86_64-0.0.4-Build2.12.qcow2
|
||||
|
||||
wget http://cdimage.debian.org/cdimage/openstack/current/debian-8.6.0-openstack-amd64.qcow2
|
||||
glance image-create --name 'Debian 8.6.0' \
|
||||
--container-format bare \
|
||||
--disk-format qcow2 \
|
||||
--visibility public \
|
||||
--progress \
|
||||
--file debian-8.6.0-openstack-amd64.qcow2
|
||||
rm debian-8.6.0-openstack-amd64.qcow2
|
||||
|
||||
wget http://cdimage.debian.org/cdimage/openstack/testing/debian-testing-openstack-amd64.qcow2
|
||||
glance image-create --name "Debian TESTING $(date +%m-%d-%y)" \
|
||||
--container-format bare \
|
||||
--disk-format qcow2 \
|
||||
--visibility public \
|
||||
--progress \
|
||||
--file debian-testing-openstack-amd64.qcow2
|
||||
rm debian-testing-openstack-amd64.qcow2
|
||||
|
||||
wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
|
||||
glance image-create --name "Cirros-0.3.4" \
|
||||
--container-format bare \
|
||||
--disk-format qcow2 \
|
||||
--visibility public \
|
||||
--progress \
|
||||
--file cirros-0.3.4-x86_64-disk.img
|
||||
rm cirros-0.3.4-x86_64-disk.img
|
@ -22,9 +22,7 @@ PassThroughPattern: .*
|
||||
{% if http_proxy is defined and http_proxy %}
|
||||
Proxy: {{ http_proxy }}
|
||||
{% endif %}
|
||||
{% if ansible_distribution_release | lower != 'trusty' %}
|
||||
VfilePatternEx: ^/\?release=[0-9]+&arch=
|
||||
{% endif %}
|
||||
# NOTE(mhayden): Caching the CentOS mirror list causes yum to throw
|
||||
# 503 errors intermittently since the remote file is dynamic. Also,
|
||||
# yum has issues with retrieving the mariadb.org repodata bz2 and
|
||||
|
@ -1,7 +0,0 @@
|
||||
# This file describes the network interfaces available on your system
|
||||
# and how to activate them. For more information, see interfaces(5).
|
||||
# The loopback network interface
|
||||
auto lo
|
||||
iface lo inet loopback
|
||||
|
||||
source /etc/network/interfaces.d/*.cfg
|
@ -1,30 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
wget --no-proxy http://{{ tftp_server }}/networking/$(cat /etc/hostname)-bridges.cfg -O /etc/network/interfaces.d/vm-bridges.cfg
|
||||
wget --no-proxy http://{{ tftp_server }}/networking/basic-debian-interface.cfg -O /etc/network/interfaces
|
||||
|
||||
# Trusty VMs seem to have their interfaces file overwritten after we write to
|
||||
# it, so we make it immutable to ensure no further changes take place
|
||||
# NOTE: We remove the immutable attr in deploy-vms.yml once the instance is up
|
||||
# and accessible.
|
||||
[[ "$(lsb_release -sc)" == "trusty" ]] && chattr +i /etc/network/interfaces
|
||||
|
||||
cat > /etc/network/if-up.d/post-up-rules <<EOF
|
||||
#!/usr/bin/env bash
|
||||
|
||||
function iptables_filter_rule_add {
|
||||
if ! iptables -w -t $1 -C $2;then
|
||||
/sbin/iptables -w -t $1 -I $2
|
||||
fi
|
||||
}
|
||||
|
||||
# To ensure ssh checksum is correct
|
||||
iptables_filter_rule_add "mangle" "POSTROUTING -p tcp --dport 22 -j CHECKSUM --checksum-fill"
|
||||
|
||||
# To provide internet connectivity to instances
|
||||
iptables_filter_rule_add "nat" "POSTROUTING -o \$(ip route get 1 | awk '{print $5}') -j MASQUERADE"
|
||||
|
||||
# Make sure instances can talk to the metadata server
|
||||
iptables_filter_rule_add "mangle" "POSTROUTING -p tcp --sport 80 -j CHECKSUM --checksum-fill"
|
||||
EOF
|
||||
chmod + /etc/network/if-up.d/post-up-rules
|
@ -1,44 +0,0 @@
|
||||
# Physical interface, could be bond. This only needs to be set once
|
||||
{% set server_networks = hostvars[item]['server_networks'] %}
|
||||
|
||||
{% for key, value in server_networks.items()|sort(attribute='1.iface') %}
|
||||
{% if value.iface is defined %}
|
||||
auto {{ value.iface }}
|
||||
iface {{ value.iface }} inet manual
|
||||
{% endif %}
|
||||
|
||||
{% endfor %}
|
||||
|
||||
{% for key, value in server_networks.items()|sort(attribute='1.iface') %}
|
||||
auto br-{{ key }}
|
||||
iface br-{{ key }} inet {{ value.inet_type }}
|
||||
bridge_stp off
|
||||
bridge_waitport 10
|
||||
bridge_fd 0
|
||||
offload-sg off
|
||||
{% if value.iface is defined and key == "flat" %}
|
||||
pre-up ip link add br-veth-{{ key }} type veth peer name v{{ value.iface }} || true
|
||||
# Set both ends UP
|
||||
pre-up ip link set br-veth-{{ key }} up
|
||||
pre-up ip link set v{{ value.iface }} up
|
||||
# Delete veth pair on DOWN
|
||||
post-down ip link del br-vlan-veth || true
|
||||
bridge_ports {{ value.iface }} br-veth-{{ key }}
|
||||
{% elif value.iface is defined and key == "lbaas" %}
|
||||
pre-up ip link add lb-veth-inbr type veth peer name lb-veth-ovrd || true
|
||||
# Set both ends UP
|
||||
pre-up ip link set lb-veth-inbr up
|
||||
pre-up ip link set lb-veth-ovrd up
|
||||
# Delete veth pair on DOWN
|
||||
post-down ip link del br-vlan-veth || true
|
||||
bridge_ports {{ value.iface }} lb-veth-inbr
|
||||
{% elif value.iface is defined %}
|
||||
bridge_ports {{ value.iface | default('none') }}
|
||||
{% else %}
|
||||
bridge_ports none
|
||||
{% endif %}
|
||||
{% if value.address is defined %}
|
||||
address {{ value.address }}
|
||||
{% endif %}
|
||||
|
||||
{% endfor %}
|
@ -23,12 +23,10 @@
|
||||
- name: Check for a supported Operating System
|
||||
assert:
|
||||
that:
|
||||
- (ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'xenial') or
|
||||
(ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'bionic')
|
||||
- (ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'focal')
|
||||
msg: >-
|
||||
The only supported host platforms for this tooling are Ubuntu 16.04 LTS (Xenial)
|
||||
and Ubuntu 18.04 LTS (Bionic). Patches to add support for other distributions are
|
||||
most welcome.
|
||||
The only supported host platforms for this tooling are Ubuntu 20.04 LTS (Focal).
|
||||
Patches to add support for other distributions are most welcome.
|
||||
|
||||
- name: Gather variables for each operating system
|
||||
include_vars: "{{ item }}"
|
||||
@ -367,6 +365,7 @@
|
||||
fstype: ext4
|
||||
dev: "/dev/{{ mnaio_data_disk }}{{ mnaio_data_disk_suffix | default('1') }}"
|
||||
force: yes
|
||||
resizefs: yes
|
||||
when:
|
||||
- _add_partition is changed
|
||||
|
||||
|
@ -129,27 +129,18 @@ security_group_rules:
|
||||
|
||||
# Create some default images
|
||||
images:
|
||||
- name: Ubuntu 14.04 LTS
|
||||
- name: Ubuntu 18.04 LTS
|
||||
format: qcow2
|
||||
url: http://uec-images.ubuntu.com/releases/14.04/release/ubuntu-14.04-server-cloudimg-amd64-disk1.img
|
||||
- name: Ubuntu 16.04
|
||||
url: https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img
|
||||
- name: Ubuntu 20.04 LTS
|
||||
format: qcow2
|
||||
url: http://uec-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-amd64-disk1.img
|
||||
- name: Fedora 27
|
||||
url: https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
|
||||
- name: CentOS 9 Stream
|
||||
format: qcow2
|
||||
url: http://dfw.mirror.rackspace.com/fedora/releases/27/CloudImages/x86_64/images/Fedora-Cloud-Base-27-1.6.x86_64.qcow2
|
||||
- name: CentOS 7
|
||||
url: https://cloud.centos.org/centos/9-stream/x86_64/images/CentOS-Stream-GenericCloud-9-20220112.1.x86_64.qcow2
|
||||
- name: Debian 10 Latest
|
||||
format: qcow2
|
||||
url: http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2
|
||||
- name: OpenSuse Leap 42.3
|
||||
url: https://cdimage.debian.org/cdimage/openstack/current-10/debian-10-openstack-amd64.qcow2
|
||||
- name: Cirros-0.5.2
|
||||
format: qcow2
|
||||
url: http://download.opensuse.org/repositories/Cloud:/Images:/Leap_42.3/images/openSUSE-Leap-42.3-OpenStack.x86_64.qcow2
|
||||
- name: Debian 9 Latest
|
||||
format: qcow2
|
||||
url: http://cdimage.debian.org/cdimage/openstack/current-9/debian-9-openstack-amd64.qcow2
|
||||
- name: Debian TESTING
|
||||
format: qcow2
|
||||
url: http://cdimage.debian.org/cdimage/openstack/testing/debian-testing-openstack-amd64.qcow2
|
||||
- name: Cirros-0.3.5
|
||||
format: qcow2
|
||||
url: http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
|
||||
url: http://download.cirros-cloud.net/0.5.2/cirros-0.5.2-x86_64-disk.img
|
||||
|
@ -17,27 +17,24 @@ mnaio_host_required_distro_packages:
|
||||
- ubuntu-cloud-keyring
|
||||
|
||||
mnaio_host_package_repos:
|
||||
- repo: "deb http://ubuntu-cloud.archive.canonical.com/ubuntu {{ ansible_lsb.codename }}-updates/queens main"
|
||||
- repo: "deb http://ubuntu-cloud.archive.canonical.com/ubuntu {{ ansible_lsb.codename }}-updates/xena main"
|
||||
state: present
|
||||
filename: "uca"
|
||||
condition: "{{ ansible_lsb.codename == 'xenial' }}"
|
||||
- repo: "deb http://ubuntu-cloud.archive.canonical.com/ubuntu {{ ansible_lsb.codename }}-updates/rocky main"
|
||||
state: present
|
||||
filename: "uca"
|
||||
condition: "{{ ansible_lsb.codename == 'bionic' }}"
|
||||
condition: "{{ ansible_lsb.codename == 'focal' }}"
|
||||
|
||||
mnaio_host_distro_packages:
|
||||
- bridge-utils
|
||||
- ifenslave
|
||||
- iptables-persistent
|
||||
- libguestfs-tools
|
||||
- libvirt-bin
|
||||
- libvirt-daemon-system
|
||||
- libvirt-clients
|
||||
- lvm2
|
||||
- ntp
|
||||
- openssh-server
|
||||
- python2.7
|
||||
- python-lxml
|
||||
- python-jmespath
|
||||
- python3
|
||||
- python3-lxml
|
||||
- python3-jmespath
|
||||
- qemu-kvm
|
||||
- qemu-utils
|
||||
- software-properties-common
|
||||
@ -57,6 +54,6 @@ mnaio_dhcp_distro_packages:
|
||||
mnaio_pkg_cache_server_distro_packages:
|
||||
- apt-cacher-ng
|
||||
|
||||
mnaio_host_iptables_service: "{{ (ansible_lsb.codename == 'trusty') | ternary('iptables-persistent', 'netfilter-persistent') }}"
|
||||
mnaio_host_iptables_service: netfilter-persistent
|
||||
|
||||
ssh_service_name: ssh
|
||||
|
@ -22,13 +22,6 @@ default_dhcp_interface: "{{ default_interface }}"
|
||||
# To speed up the deployment apt-cacher NG is used on the pxe/dhcp server.
|
||||
default_acng_bind_address: 0.0.0.0
|
||||
|
||||
# This is a mapping of OS familiies. While Ansible has a suitable interface
|
||||
# for this it can vary in unpredictable ways. This setting it used to determine
|
||||
# the type of preseed needed to deploy an given OS type.
|
||||
default_os_families:
|
||||
ubuntu-16.04-amd64: debian
|
||||
ubuntu-18.04-amd64: debian
|
||||
|
||||
# Default setting for Apt-Cacher-NG.
|
||||
default_mirror_proxy: 'http://{{ default_tftp_server }}:3142/'
|
||||
default_mirror_hostname: archive.ubuntu.com
|
||||
@ -41,21 +34,8 @@ default_tftp_port: 69
|
||||
default_tftp_boot_path: /pxelinux.0 # Path of where to boot from first
|
||||
|
||||
# Default ISO images
|
||||
default_image_name: "ubuntu-18.04-amd64"
|
||||
default_image_name: "ubuntu-20.04-amd64"
|
||||
default_images:
|
||||
ubuntu-16.04-amd64:
|
||||
image_type: debian
|
||||
image_iso_url: "http://releases.ubuntu.com/16.04.2/ubuntu-16.04.2-server-amd64.iso"
|
||||
image_name: "ubuntu-16.04.2-server-amd64.iso"
|
||||
image_short_name: "ubuntu-16.04.2-server-amd64"
|
||||
image_default_boot: "ubuntu-16.04.2-server-amd64/amd64/boot-screens/menu.cfg"
|
||||
image_kernel_options: "biosdevname=0 net.ifnames=0 auto=true priority=critical quiet splash"
|
||||
image_kernel: "ubuntu-16.04.2-server-amd64/amd64/linux"
|
||||
image_initrd: "ubuntu-16.04.2-server-amd64/amd64/initrd.gz"
|
||||
image_netboot: "ubuntu-16.04.2-server-amd64/install/netboot/ubuntu-installer"
|
||||
image_preseed: basic
|
||||
image_preseed_option:
|
||||
url: "tftp://{{ default_tftp_server }}/preseed/basic.preseed"
|
||||
ubuntu-18.04-amd64:
|
||||
image_type: debian
|
||||
image_iso_url: "http://cdimage.ubuntu.com/ubuntu-server/daily/current/bionic-server-amd64.iso"
|
||||
@ -69,6 +49,19 @@ default_images:
|
||||
image_preseed: basic
|
||||
image_preseed_option:
|
||||
url: "tftp://{{ default_tftp_server }}/preseed/basic.preseed"
|
||||
ubuntu-20.04-amd64:
|
||||
image_type: debian
|
||||
image_iso_url: "https://cdimage.ubuntu.com/ubuntu-server/focal/daily/current/focal-legacy-server-amd64.iso"
|
||||
image_name: "focal-legacy-server-amd64.iso"
|
||||
image_short_name: "focal-legacy-server-amd64"
|
||||
image_default_boot: "focal-legacy-server-amd64/amd64/boot-screens/menu.cfg"
|
||||
image_kernel_options: "biosdevname=0 net.ifnames=0 auto=true priority=critical quiet splash"
|
||||
image_kernel: "focal-legacy-server-amd64/amd64/linux"
|
||||
image_initrd: "focal-legacy-server-amd64/amd64/initrd.gz"
|
||||
image_netboot: "focal-legacy-server-amd64/install/netboot/ubuntu-installer"
|
||||
image_preseed: basic
|
||||
image_preseed_option:
|
||||
url: "tftp://{{ default_tftp_server }}/preseed/basic.preseed"
|
||||
|
||||
# PXELinux downloads. While pxelinux is available as a component of most distros
|
||||
# the version may vary. This stabalizes on a known set.
|
||||
|
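Review bot: `image_iso_url` for the new `ubuntu-20.04-amd64` entry points at `daily/current/focal-legacy-server-amd64.iso`, which by its path is a rolling daily build, and no checksum is recorded next to it. The installer content can therefore differ between two deploys, and a truncated or substituted download would go unnoticed unless the task that fetches the ISO, which is not visible here, verifies it. Consider a released ISO with its SHA256 stored beside the URL, or at least a comment such as `# daily image on purpose: no point release ships the legacy installer` if that is the reason.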
@ -22,7 +22,7 @@ ansible-playbook -vv \
|
||||
-e setup_host=${SETUP_HOST:-"true"} \
|
||||
-e setup_pxeboot=${SETUP_PXEBOOT:-"true"} \
|
||||
-e setup_dhcpd=${SETUP_DHCPD:-"true"} \
|
||||
-e default_image=${DEFAULT_IMAGE:-"ubuntu-18.04-amd64"} \
|
||||
-e default_image=${DEFAULT_IMAGE:-"ubuntu-20.04-amd64"} \
|
||||
-e default_http_proxy=${DEFAULT_HTTP_PROXY:-''} \
|
||||
--force-handlers \
|
||||
playbooks/site.yml
|
||||
|
@ -26,8 +26,8 @@ for flavor in micro tiny mini small medium large xlarge heavy; do
|
||||
VCPU="${VCPU:-1}"
|
||||
SWAP="${SWAP:-0}"
|
||||
EPHEMERAL="${EPHEMERAL:-0}"
|
||||
nova flavor-delete "$ID" > /dev/null || echo "No Flavor with ID: [ $ID ] found to clean up"
|
||||
nova flavor-create "$NAME" "$ID" "$RAM" "$DISK" "$VCPU" --swap "$SWAP" --is-public true --ephemeral "$EPHEMERAL" --rxtx-factor 1
|
||||
openstack flavor delete "$ID" > /dev/null || echo "No Flavor with ID: [ $ID ] found to clean up"
|
||||
openstack flavor create "$NAME" --id "$ID" --ram "$RAM" --disk "$DISK" --vcpu "$VCPU" --swap "$SWAP" --public --ephemeral "$EPHEMERAL" --rxtx-factor 1
|
||||
let ID=ID+1
|
||||
let RAM=RAM*2
|
||||
if [ "$ID" -gt 5 ];then
|
||||
|
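Review bot: `openstack flavor create` is called with `--vcpu "$VCPU"`, but the option is named `--vcpus`; the call works only as long as the client's argument parser accepts unambiguous prefixes. Spell the option out: `--vcpus "$VCPU"`. The `for` loop this line belongs to starts and ends outside the hunk.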
@ -29,10 +29,10 @@ function image_upload {
|
||||
echo "file found ${IMAGE_FILE}"
|
||||
fi
|
||||
if [[ "$?" == 0 ]]; then
|
||||
glance image-create --name "${IMAGE_NAME}" \
|
||||
openstack image create "${IMAGE_NAME}" \
|
||||
--container-format bare \
|
||||
--disk-format qcow2 \
|
||||
--visibility public \
|
||||
--public \
|
||||
--progress \
|
||||
--file "${IMAGE_FILE}" && rm "${IMAGE_FILE}"
|
||||
fi
|
||||
@ -42,10 +42,9 @@ function image_upload {
|
||||
|
||||
# Create some default images
|
||||
# USAGE: image_upload $URL $NAME
|
||||
image_upload http://uec-images.ubuntu.com/releases/14.04/release/ubuntu-14.04-server-cloudimg-amd64-disk1.img ubuntu-14.04-amd64
|
||||
image_upload http://uec-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-amd64-disk1.img ubuntu-16.04-amd64
|
||||
image_upload http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2 centos-7-amd64
|
||||
image_upload http://cdimage.debian.org/cdimage/openstack/current/debian-9.2.0-openstack-amd64.qcow2 debian-9.2.0-amd64
|
||||
image_upload http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img cirros-0.3.4-amd64
|
||||
image_upload http://dfw.mirror.rackspace.com/fedora/releases/26/CloudImages/x86_64/images/Fedora-Cloud-Base-26-1.5.x86_64.qcow2 fedora-26-amd64
|
||||
image_upload http://download.opensuse.org/repositories/Cloud:/Images:/Leap_42.3/images/openSUSE-Leap-42.3-OpenStack.x86_64.qcow2 opensuse-leap-42.3-amd64
|
||||
image_upload https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img ubuntu-18.04-amd64
|
||||
image_upload https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img ubuntu-20.04-amd64
|
||||
image_upload https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img ubuntu-22.04-amd64
|
||||
image_upload https://cloud.centos.org/centos/9-stream/x86_64/images/CentOS-Stream-GenericCloud-9-20220216.0.x86_64.qcow2 centos-9-stream-20220216-x86_64
|
||||
image_upload https://cloud.debian.org/images/cloud/OpenStack/current-10/debian-10-openstack-amd64.qcow2 debian-10-openstack-amd64
|
||||
image_upload https://download.cirros-cloud.net/0.5.2/cirros-0.5.2-x86_64-disk.img cirros-0.5.2-x86_64
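Review bot: Nothing visible verifies the downloaded files before `openstack image create ... --public` registers them for every project. Four of the six new `image_upload` URLs (bionic, focal, jammy, debian `current-10`) point at moving `current` paths, so the uploaded bytes can differ from run to run. The switch to https protects the transfer but not against a changed or corrupted file on the mirror. Consider giving `image_upload` an optional third argument with the expected SHA-256 and checking it before the upload, e.g. `echo "${IMAGE_SHA256}  ${IMAGE_FILE}" | sha256sum -c - || return 1`. The download half of `image_upload` lies outside both hunks, so an existing check there cannot be ruled out.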
|
||||
|
@ -18,60 +18,57 @@ source openrc
|
||||
|
||||
|
||||
# Create a basic flat network
|
||||
neutron net-create GATEWAY_NET \
|
||||
--shared \
|
||||
--router:external=True \
|
||||
--provider:physical_network=flat \
|
||||
--provider:network_type=flat
|
||||
openstack network create GATEWAY_NET \
|
||||
--share \
|
||||
--external \
|
||||
--provider-physical-network flat \
|
||||
--provider-network-type flat
|
||||
|
||||
neutron subnet-create GATEWAY_NET 172.16.24.0/22 \
|
||||
--name GATEWAY_NET_SUBNET \
|
||||
openstack subnet create GATEWAY_SUBNET \
|
||||
--subnet-range 172.16.24.0/22 \
|
||||
--network GATEWAY_NET \
|
||||
--gateway 172.16.24.2 \
|
||||
--allocation-pool start=172.16.25.201,end=172.16.25.255 \
|
||||
--dns-nameservers list=true 172.16.24.2
|
||||
--dns-nameserver 172.16.24.2
|
||||
|
||||
|
||||
|
||||
# Create a basic VXLAN network
|
||||
neutron net-create PRIVATE_NET \
|
||||
--shared \
|
||||
--router:external=True \
|
||||
--provider:network_type=vxlan \
|
||||
--provider:segmentation_id 101
|
||||
openstack network create PRIVATE_NET \
|
||||
--share \
|
||||
--provider-network-type vxlan \
|
||||
--provider-segment 101
|
||||
|
||||
neutron subnet-create PRIVATE_NET 192.168.0.0/24 \
|
||||
--name PRIVATE_NET_SUBNET
|
||||
openstack subnet create PRIVATE_SUBNET \
|
||||
--subnet-range 192.168.0.0/24 \
|
||||
--network PRIVATE_NET
|
||||
|
||||
|
||||
|
||||
# Create a neutron router and wire it up to the GATEWAY_NET and PRIVATE_NET_SUBNET
|
||||
ROUTER_ID="$(neutron router-create GATEWAY_NET_ROUTER | grep -w id | awk '{print $4}')"
|
||||
neutron router-gateway-set \
|
||||
"${ROUTER_ID}" \
|
||||
"$(neutron net-list | awk '/GATEWAY_NET/ {print $2}')"
|
||||
ROUTER_ID="$(openstack router create GATEWAY_NET_ROUTER -c id | grep -w id | awk '{print $4}')"
|
||||
openstack router set "${ROUTER_ID}" \
|
||||
--external-gateway "$(openstack network list | awk '/GATEWAY_NET/ {print $2}')"
|
||||
|
||||
neutron router-interface-add \
|
||||
openstack router add subnet \
|
||||
"${ROUTER_ID}" \
|
||||
"$(neutron subnet-list | awk '/PRIVATE_NET_SUBNET/ {print $2}')"
|
||||
"$(openstack subnet list | awk '/PRIVATE_SUBNET/ {print $2}')"
|
||||
|
||||
|
||||
|
||||
# Neutron security group setup
|
||||
for id in "$(neutron security-group-list -f yaml | awk '/- id\:/ {print $3}')"; do
|
||||
SECGRP_ID="$(openstack security group create MNAIO_SECGRP -c id | grep -w id | awk '{print $4}')"
|
||||
# Allow ICMP
|
||||
neutron security-group-rule-create --protocol icmp \
|
||||
--direction ingress \
|
||||
"$id" || true
|
||||
openstack security group rule create --protocol icmp \
|
||||
--ingress \
|
||||
"$SECGRP_ID"
|
||||
|
||||
# Allow all TCP
|
||||
neutron security-group-rule-create --protocol tcp \
|
||||
--port-range-min 1 \
|
||||
--port-range-max 65535 \
|
||||
--direction ingress \
|
||||
"$id" || true
|
||||
openstack security group rule create --protocol tcp \
|
||||
--ingress \
|
||||
"$SECGRP_ID"
|
||||
|
||||
# Allow all UDP
|
||||
neutron security-group-rule-create --protocol udp \
|
||||
--port-range-min 1 \
|
||||
--port-range-max 65535 -\
|
||||
-direction ingress \
|
||||
"$id" || true
|
||||
done
|
||||
openstack security group rule create --protocol udp \
|
||||
--ingress \
|
||||
"$SECGRP_ID"
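Review bot: The TCP and UDP rules added to `MNAIO_SECGRP` set neither `--dst-port` nor `--remote-ip`, so every port is open to any IPv4 source (the client defaults the remote to 0.0.0.0/0). Instances attached to the shared, external `GATEWAY_NET` would then presumably be reachable on all ports from anything that can route to 172.16.24.0/22. If that is intended for a throwaway lab, state it above the block, e.g. `# Lab only: opens all ingress; do not reuse outside the MNAIO`, or narrow the rules with `--remote-ip 172.16.24.0/22`. Separately, the ID captures scrape table output with `grep -w id | awk '{print $4}'`; asking the client for the bare value is sturdier, e.g. `SECGRP_ID="$(openstack security group create MNAIO_SECGRP -f value -c id)"`.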
|
||||
|