From 787589a319c6e5d56570aa58d6e68d98390bb7d7 Mon Sep 17 00:00:00 2001 From: Matus Jenca Date: Fri, 27 Sep 2024 17:15:10 +0200 Subject: [PATCH 1/4] Modify inventory for OVN BGP Agent --- kolla-files/all-in-one | 8 ++++++++ roles/create_multinode/templates/multinode.j2 | 8 ++++++++ 2 files changed, 16 insertions(+) diff --git a/kolla-files/all-in-one b/kolla-files/all-in-one index 138022e..db0e5c8 100644 --- a/kolla-files/all-in-one +++ b/kolla-files/all-in-one @@ -80,6 +80,14 @@ control [neutron:children] network +[frr:children] +compute +network + +[ovn-bgp-agent:children] +compute +network + [openvswitch:children] network compute diff --git a/roles/create_multinode/templates/multinode.j2 b/roles/create_multinode/templates/multinode.j2 index 9d18592..b554498 100644 --- a/roles/create_multinode/templates/multinode.j2 +++ b/roles/create_multinode/templates/multinode.j2 @@ -324,6 +324,14 @@ neutron compute network +[frr:children] +compute +network + +[ovn-bgp-agent:children] +compute +network + # Cinder [cinder-api:children] cinder From 53d08855ffa29d306ad4a8bd43e21ba75c7b04c8 Mon Sep 17 00:00:00 2001 From: Matus Jenca Date: Wed, 9 Oct 2024 10:19:19 +0200 Subject: [PATCH 2/4] Add ability to have multiple clouds Signed-off-by: Matus Jenca --- builder | 8 +++++++- group_vars/all.yml | 4 +++- roles/create_aio/defaults/main.yml | 1 + roles/create_aio/tasks/main.yml | 2 +- roles/upload_archive/defaults/main.yml | 2 +- ssh_config | 10 ++++++++++ 6 files changed, 23 insertions(+), 4 deletions(-) diff --git a/builder b/builder index debe9e3..45bdc6d 100755 --- a/builder +++ b/builder @@ -65,7 +65,13 @@ fi vmlist="" if [ "$action" == "prepare" ]; then - inventory="kolla-inventory" + kolla_inventory=$(grep "inventory_name:" $user_variables | cut -d" " -f2 | sed 's/"//g') + if [ -z "${kolla_inventory}" ]; then + inventory="kolla-inventory" + else + inventory="${kolla_inventory}" + fi + elif [ "$action" == "delete" ]; then vmlist="-e @vm_list.yml" 
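Review bot: The new `kolla_inventory=$(grep "inventory_name:" $user_variables | cut -d" " -f2 | sed 's/"//g')` line in the `prepare` branch reads a YAML value with an unanchored grep and an unquoted `$user_variables`. A commented-out `# inventory_name:` line or a second match therefore produces a wrong or multi-line inventory name, and a path containing spaces is split into several arguments. Anchoring and quoting removes most of that: `kolla_inventory=$(grep -m1 '^inventory_name:' "$user_variables" | cut -d' ' -f2 | tr -d '"')`. The five-line if/else after it can then shrink to `inventory="${kolla_inventory:-kolla-inventory}"`. The surrounding `if [ "$action" == ... ]` chain starts and ends outside the hunk.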
diff --git a/group_vars/all.yml b/group_vars/all.yml index f945dac..006d56f 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -29,7 +29,9 @@ ansible_args: >- ansible_become=True ansible_private_key_file={{ kolla_ssh_key }} ansible_python_interpreter={{ kolla_python_interpereter }} - +inventory_name: "kolla-inventory" +multinode_file_path: "{{ inventory_name }}" +aio_filepath: "{{ inventory_name }}" node_vg: ubuntu-vg node_lv: ubuntu-lv globals_file: null diff --git a/roles/create_aio/defaults/main.yml b/roles/create_aio/defaults/main.yml index c7ab9f3..cd0b80c 100644 --- a/roles/create_aio/defaults/main.yml +++ b/roles/create_aio/defaults/main.yml @@ -8,3 +8,4 @@ ansible_args: >- ansible_private_key_file={{ kolla_ssh_key }} ansible_python_interpreter={{ kolla_python_interpereter }} is_remote: false +aio_filepath: "kolla-inventory" diff --git a/roles/create_aio/tasks/main.yml b/roles/create_aio/tasks/main.yml index 331fa5f..ebd446f 100644 --- a/roles/create_aio/tasks/main.yml +++ b/roles/create_aio/tasks/main.yml @@ -12,7 +12,7 @@ delegate_to: localhost template: src: all-in-one.j2 - dest: kolla-inventory + dest: "{{ aio_filepath }}" - name: Add Proxy Jump to SSH Config include_role: diff --git a/roles/upload_archive/defaults/main.yml b/roles/upload_archive/defaults/main.yml index f835991..f91358d 100644 --- a/roles/upload_archive/defaults/main.yml +++ b/roles/upload_archive/defaults/main.yml @@ -4,4 +4,4 @@ source_local_path: "../kolla-ansible" source_node_path: "/home/kolla/kolla-ansible" source_name: "Kolla Ansible" kolla_group: "kolla" -mode: "" +mode: "0777" diff --git a/ssh_config b/ssh_config index e69de29..b2d7d70 100644 --- a/ssh_config +++ b/ssh_config @@ -0,0 +1,10 @@ +# BEGIN OVN-BGP +Host ovn-bgp + User kolla + Hostname 192.168.124.1 + CheckHostIP no + StrictHostKeyChecking no + ServerAliveInterval 30 + IdentityFile "/home/matus/.ssh/id_kolla" + IdentitiesOnly yes +# END OVN-BGP 
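Review bot: The new default `mode: "0777"` in roles/upload_archive/defaults/main.yml makes whatever this role uploads world-writable. The tasks that consume `mode` are not part of this diff, but the neighbouring defaults point at the kolla-ansible tree under `/home/kolla/kolla-ansible`; if the mode is applied there, any local account on the node could alter code that is later run for the deployment. A group-scoped value such as `mode: "0750"` together with the existing `kolla_group` keeps the tree usable by the kolla user without opening it to everyone. If a permissive mode is needed for one environment, set it in that environment's variables rather than in the role default.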
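Review bot: The `# BEGIN OVN-BGP` … `# END OVN-BGP` block added to ssh_config looks like machine-local state from one run rather than project configuration: it carries a developer path (`IdentityFile "/home/matus/.ssh/id_kolla"`) and turns off host verification with `CheckHostIP no` and `StrictHostKeyChecking no`. The `remote` hunk in PATCH 3/4 has the same problem, replacing the `IP.ADDRESS.OF.REMOTE` placeholder with what appears to be a real address and a personal key path. Later patches in the series remove both again, but applied as separate commits the values stay in history. Dropping these two hunks from the series and listing `ssh_config` and `remote` in `.gitignore` (keeping a placeholder example file) avoids that.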
From 1a106b5e3d409a291f9cd2b824f0b3e18f397aa9 Mon Sep 17 00:00:00 2001 From: Matus Jenca Date: Fri, 11 Oct 2024 12:41:51 +0200 Subject: [PATCH 3/4] Make external networks reachable Signed-off-by: Matus Jenca --- group_vars/all.yml | 10 +++++----- remote | 2 +- roles/libvirt_network/defaults/main.yml | 1 + roles/libvirt_network/templates/network.xml.j2 | 15 +++++++++------ roles/upload_to_nodes/files/globals.yml | 6 +++--- spawn.yml | 3 +++ ssh_config | 10 ---------- 7 files changed, 22 insertions(+), 25 deletions(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index 006d56f..1729b9c 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -46,9 +46,9 @@ additional_uploads: [] additional_uploads_deploy_node: [] ara_enable: false -network_ssh_ip: "192.168.122.0" -network_openstack_ip: "192.168.123.0" -network_neutron_ip: "192.168.124.0" +network_ssh_ip: "192.168.122.1" +network_openstack_ip: "192.168.123.1" +network_neutron_ip: "192.168.124.1" network_ssh_ip_start: '{{ network_ssh_ip.split(".")[:-1] | join(".") + ".2" }}' network_ssh_ip_end: '{{ network_ssh_ip.split(".")[:-1] | join(".") + ".254" }}' @@ -56,11 +56,11 @@ network_ssh_ip_gateway: '{{ network_ssh_ip.split(".")[:-1] | join(".") + ".254" network_openstack_ip_start: '{{ network_openstack_ip.split(".")[:-1] | join(".") + ".2" }}' network_openstack_ip_end: '{{ network_openstack_ip.split(".")[:-1] | join(".") + ".254" }}' -network_openstack_ip_gateway: '{{ network_openstack_ip.split(".")[:-1] | join(".") + ".254" }}' +network_openstack_ip_gateway: '{{ network_openstack_ip.split(".")[:-1] | join(".") + ".1" }}' network_neutron_ip_start: '{{ network_neutron_ip.split(".")[:-1] | join(".") + ".2" }}' network_neutron_ip_end: '{{ network_neutron_ip.split(".")[:-1] | join(".") + ".254" }}' -network_neutron_ip_gateway: '{{ network_neutron_ip.split(".")[:-1] | join(".") + ".254" }}' +network_neutron_ip_gateway: '{{ network_neutron_ip.split(".")[:-1] | join(".") + ".1" }}' network_ssh_bridge: virbr0 
diff --git a/remote b/remote index c82f36d..0e9962b 100644 --- a/remote +++ b/remote @@ -1,2 +1,2 @@ [remote] - IP.ADDRESS.OF.REMOTE ansible_ssh_user=ubuntu ansible_become=True ansible_private_key_file=/path/to/key +213.131.230.38 ansible_ssh_user=ubuntu ansible_become=True ansible_private_key_file=/home/matus/.ssh/id_rsa diff --git a/roles/libvirt_network/defaults/main.yml b/roles/libvirt_network/defaults/main.yml index 95048c8..e8641ea 100644 --- a/roles/libvirt_network/defaults/main.yml +++ b/roles/libvirt_network/defaults/main.yml @@ -8,3 +8,4 @@ libvirt_network_ip_gateway: "192.168.100.1" libvirt_network_ip_netmask: 255.255.255.0 libvirt_network_domain: kolla.local libvirt_network_auto_dhcp: true +libvirt_network_type: nat diff --git a/roles/libvirt_network/templates/network.xml.j2 b/roles/libvirt_network/templates/network.xml.j2 index 03ad216..ca637c3 100644 --- a/roles/libvirt_network/templates/network.xml.j2 +++ b/roles/libvirt_network/templates/network.xml.j2 @@ -1,12 +1,15 @@ {{ libvirt_network_name }} - + +{% if libvirt_network_type != 'bridge' %} - {% if libvirt_network_auto_dhcp %} - - - - {% endif %} + {% if libvirt_network_auto_dhcp %} + + + + {% endif %} +{% endif %} + diff --git a/roles/upload_to_nodes/files/globals.yml b/roles/upload_to_nodes/files/globals.yml index b392278..0d6373c 100644 --- a/roles/upload_to_nodes/files/globals.yml +++ b/roles/upload_to_nodes/files/globals.yml @@ -408,7 +408,7 @@ enable_horizon_heat: "{{ enable_heat | bool }}" #enable_neutron_qos: "no" #enable_neutron_agent_ha: "no" #enable_neutron_bgp_dragent: "no" -#enable_neutron_provider_networks: "no" +#enable_neutron_provider_networks: "yes" #enable_neutron_segments: "no" #enable_neutron_sfc: "no" #enable_neutron_trunk: "no" 
@@ -429,8 +429,8 @@ enable_horizon_heat: "{{ enable_heat | bool }}" #enable_osprofiler: "no" #enable_placement: "{{ enable_nova | bool or enable_zun | bool }}" #enable_prometheus: "no" -enable_proxysql: "yes" -enable_redis: "yes" +enable_proxysql: "no" +enable_redis: "no" #enable_sahara: "no" #enable_senlin: "no" #enable_skyline: "no" diff --git a/spawn.yml b/spawn.yml index a2e0ad1..705d895 100644 --- a/spawn.yml +++ b/spawn.yml @@ -25,6 +25,7 @@ libvirt_network_ip_gateway: "{{ network_openstack_ip_gateway }}" libvirt_network_ip_prefix: "{{ network_openstack_prefix }}" libvirt_network_bridge: "{{ network_openstack_bridge }}" + libvirt_network_type: "route" when: create_networks - include_role: @@ -36,6 +37,8 @@ libvirt_network_ip_gateway: "{{ network_neutron_ip_gateway }}" libvirt_network_ip_prefix: "{{ network_neutron_prefix }}" libvirt_network_bridge: "{{ network_neutron_bridge }}" + libvirt_network_auto_dhcp: false + libvirt_network_type: "route" when: create_networks - include_role: diff --git a/ssh_config b/ssh_config index b2d7d70..e69de29 100644 --- a/ssh_config +++ b/ssh_config @@ -1,10 +0,0 @@ -# BEGIN OVN-BGP -Host ovn-bgp - User kolla - Hostname 192.168.124.1 - CheckHostIP no - StrictHostKeyChecking no - ServerAliveInterval 30 - IdentityFile "/home/matus/.ssh/id_kolla" - IdentitiesOnly yes -# END OVN-BGP From 0a4d949f960aea0b3de58c37a7a907481b5e314c Mon Sep 17 00:00:00 2001 
From: Matus Jenca Date: Tue, 22 Oct 2024 13:32:50 +0200 Subject: [PATCH 4/4] Ovn bgp agent deployment --- ansible.cfg | 2 +- delete.yml | 21 +- group_vars/all.yml | 14 ++ remote | 2 - roles/create_vm/defaults/main.yml | 1 + roles/create_vm/templates/kolla-node.xml.j2 | 2 +- roles/delete_nodes/tasks/main.yml | 14 +- roles/nginx_proxy/defaults/main.yml | 1 + roles/nginx_proxy/tasks/main.yml | 2 +- .../nginx_proxy/templates/passthrough.conf.j2 | 2 +- roles/upload_to_nodes/defaults/main.yml | 4 + roles/upload_to_nodes/tasks/main.yml | 14 +- roles/upload_to_nodes/templates/bashrc.j2 | 15 ++ .../upload_to_nodes/templates/init-runonce.j2 | 194 ++++++++++++++++++ spawn.yml | 6 +- ssh_config | 0 16 files changed, 268 insertions(+), 26 deletions(-) delete mode 100644 remote create mode 100644 roles/upload_to_nodes/templates/bashrc.j2 create mode 100644 roles/upload_to_nodes/templates/init-runonce.j2 delete mode 100644 ssh_config diff --git a/ansible.cfg b/ansible.cfg index f288358..e10d40d 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -2,6 +2,6 @@ host_key_checking = False stdout_callback = yaml ansible_ssh_common_args='-o IdentitiesOnly=yes' - +ansible_timeout = 3600 [ssh_connection] ssh_args = -F ssh_config diff --git a/delete.yml b/delete.yml index 33997f8..009e340 100644 --- a/delete.yml +++ b/delete.yml @@ -11,9 +11,18 @@ name: libvirt_network tasks_from: delete.yml vars: - libvirt_network_name: "{{ item }}" - with_items: - - "{{ network_ssh }}" - - "{{ network_openstack }}" - - "{{ network_neutron }}" - when: create_networks + libvirt_network_name: "{{ network_ssh }}" + when: destroy_network_ssh + - include_role: + name: libvirt_network + tasks_from: delete.yml + vars: + libvirt_network_name: "{{ network_openstack }}" + when: destroy_network_openstack + - include_role: + name: libvirt_network + tasks_from: delete.yml + vars: + libvirt_network_name: "{{ network_neutron }}" + when: destroy_network_neutron + 
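Review bot: `ansible_timeout = 3600` is added just above `[ssh_connection]`, so it lands in the preceding section beside `host_key_checking`; in ansible.cfg the connection timeout key is `timeout`, while `ansible_timeout` is the inventory-variable spelling and is most likely ignored here. If the long timeout is intended, write `timeout = 3600`. An hour-long connection timeout also means an unreachable node stalls the play for that long, so a smaller value may be the better default. The section header itself is outside the hunk.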
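Review bot: The three new conditions `when: destroy_network_ssh`, `when: destroy_network_openstack` and `when: destroy_network_neutron` test variables that group_vars defines as templated strings (`"{{ destroy_networks }}"`). If a value arrives as text, for example from `-e destroy_networks=false`, a non-empty string such as `false` can evaluate as true on current Ansible releases, and here that means deleting a libvirt network. Casting closes the gap: `when: destroy_network_ssh | bool`, and likewise for the other two. The `when: create_network_*` lines in the spawn.yml hunks of this patch would benefit from the same cast.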
diff --git a/group_vars/all.yml b/group_vars/all.yml index 1729b9c..067fbc0 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -62,9 +62,23 @@ network_neutron_ip_start: '{{ network_neutron_ip.split(".")[:-1] | join(".") + " network_neutron_ip_end: '{{ network_neutron_ip.split(".")[:-1] | join(".") + ".254" }}' network_neutron_ip_gateway: '{{ network_neutron_ip.split(".")[:-1] | join(".") + ".1" }}' +external_network_cidr: '{{ network_neutron_ip.split(".")[:-1] | join(".") + ".0" }}/24' +external_network_dhcp_start: '{{ network_neutron_ip.split(".")[:-1] | join(".") + ".150" }}' +external_network_dhcp_end: '{{ network_neutron_ip.split(".")[:-1] | join(".") + ".199" }}' +external_network_gateway: '{{ network_neutron_ip_gateway }}' +external_network_type: "flat" +external_network_vlan_id: 123 network_ssh_bridge: virbr0 network_openstack_bridge: virbr2 network_neutron_bridge: virbr3 create_networks: false +create_network_ssh: "{{ create_networks }}" +create_network_openstack: "{{ create_networks }}" +create_network_neutron: "{{ create_networks }}" + +destroy_networks: false +destroy_network_ssh: "{{ destroy_networks }}" +destroy_network_openstack: "{{ destroy_networks }}" +destroy_network_neutron: "{{ destroy_networks }}" diff --git a/remote b/remote deleted file mode 100644 index 0e9962b..0000000 --- a/remote +++ /dev/null @@ -1,2 +0,0 @@ -[remote] -213.131.230.38 ansible_ssh_user=ubuntu ansible_become=True ansible_private_key_file=/home/matus/.ssh/id_rsa diff --git a/roles/create_vm/defaults/main.yml b/roles/create_vm/defaults/main.yml index 9f5b6eb..149bfce 100644 --- a/roles/create_vm/defaults/main.yml +++ b/roles/create_vm/defaults/main.yml @@ -16,3 +16,4 @@ generate_mac_addresses: false mac_addresses: [] ssh_config: "ssh_config" is_remote: false +libvirt_domain_type: kvm diff --git a/roles/create_vm/templates/kolla-node.xml.j2 b/roles/create_vm/templates/kolla-node.xml.j2 index 29d3fb9..09d3b95 100644 --- a/roles/create_vm/templates/kolla-node.xml.j2 
+++ b/roles/create_vm/templates/kolla-node.xml.j2 @@ -1,4 +1,4 @@ - + {{ node_name }} diff --git a/roles/delete_nodes/tasks/main.yml b/roles/delete_nodes/tasks/main.yml index f8a1df4..6e69530 100644 --- a/roles/delete_nodes/tasks/main.yml +++ b/roles/delete_nodes/tasks/main.yml @@ -38,13 +38,13 @@ state: absent loop: "{{ to_delete }}" -- name: Deleting SSH proxy entry - delegate_to: localhost - blockinfile: - path: "{{ ssh_config }}" - marker: "# {mark} KOLLA-PROXY" - state: absent - when: is_remote +# - name: Deleting SSH proxy entry +# delegate_to: localhost +# blockinfile: +# path: "{{ ssh_config }}" +# marker: "# {mark} KOLLA-PROXY" +# state: absent +# when: is_remote - name: Add remove host from dhcp pool shell: | diff --git a/roles/nginx_proxy/defaults/main.yml b/roles/nginx_proxy/defaults/main.yml index bd9ca51..4749e6a 100644 --- a/roles/nginx_proxy/defaults/main.yml +++ b/roles/nginx_proxy/defaults/main.yml @@ -1,4 +1,5 @@ --- +reverse_proxy_ip_address: "{{kolla_internal_vip_address}}" # 80 and 443 Are added automatically depending on your kolla settings # If your remote server is on the cloud, make sure # ingress to all ports you forward is allowed diff --git a/roles/nginx_proxy/tasks/main.yml b/roles/nginx_proxy/tasks/main.yml index 3a00d09..f9a9d09 100644 --- a/roles/nginx_proxy/tasks/main.yml +++ b/roles/nginx_proxy/tasks/main.yml @@ -2,7 +2,7 @@ # tasks file for nginx_proxy - name: Register Kolla Variables set_fact: - globals: "{{ lookup('file', 'kolla-files/' ~ globals_file) | from_yaml }}" + globals: "{{ lookup('file', 'kolla-files/' ~ globals_file | default('') ) | from_yaml }}" - name: Get Kolla uses external TLS set_fact: use_tls: "{{ globals.kolla_enable_tls_external | default(false) }}" diff --git a/roles/nginx_proxy/templates/passthrough.conf.j2 b/roles/nginx_proxy/templates/passthrough.conf.j2 index ccee809..46d6180 100644 --- a/roles/nginx_proxy/templates/passthrough.conf.j2 +++ b/roles/nginx_proxy/templates/passthrough.conf.j2 
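Review bot: The "Deleting SSH proxy entry" task in roles/delete_nodes/tasks/main.yml is disabled by commenting it out with no reason given, so after a remote delete the `# {mark} KOLLA-PROXY` block stays in `{{ ssh_config }}` on the control host. If the block is kept on purpose, replace the dead code with a one-line comment stating why, e.g. `# KOLLA-PROXY block is kept: <reason>`. If it is not, restore the task so a stale ProxyJump entry does not outlive the nodes it pointed at.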
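Review bot: `globals_file | default('')` in the "Register Kolla Variables" task does not cover the case it seems aimed at. The defaults visible elsewhere in this series set `globals_file: null`, which is a defined value, so `default('')` leaves it untouched and the lookup path becomes `kolla-files/None`; with an undefined variable the path is the bare directory `kolla-files/`, which the file lookup cannot read either. Guarding the whole expression is clearer: `globals: "{{ (lookup('file', 'kolla-files/' ~ globals_file) | from_yaml) if globals_file else {} }}"`. The following task already uses `globals.kolla_enable_tls_external | default(false)`, so an empty mapping is handled.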
@@ -1,5 +1,5 @@ stream { -{% macro stream(port,ssl=false, ip=globals.kolla_internal_vip_address)%} +{% macro stream(port,ssl=false, ip=reverse_proxy_ip_address)%} server { listen {{port}}; proxy_pass {{ip}}:{{port}}; diff --git a/roles/upload_to_nodes/defaults/main.yml b/roles/upload_to_nodes/defaults/main.yml index c5eebde..703c4d8 100644 --- a/roles/upload_to_nodes/defaults/main.yml +++ b/roles/upload_to_nodes/defaults/main.yml @@ -9,3 +9,7 @@ mode: "" kolla_vip_last_digit: 200 kolla_internal_vip_address: "192.168.123.200" globals_file: null + +demo_net_cidr: "10.0.0.0/24" +demo_net_gateway: "10.0.0.1" +demo_net_dns: "8.8.8.8" diff --git a/roles/upload_to_nodes/tasks/main.yml b/roles/upload_to_nodes/tasks/main.yml index 9b87d61..1f0c407 100644 --- a/roles/upload_to_nodes/tasks/main.yml +++ b/roles/upload_to_nodes/tasks/main.yml @@ -32,7 +32,13 @@ group: kolla mode: '0644' - when: globals_file != None +- name: Template 'init-runonce' demo setup file + template: + src: init-runonce.j2 + dest: /home/kolla/init-runonce + owner: kolla + group: kolla + mode: '0775' - name: Copy all-in-one to deploy node copy: src: kolla-files/all-in-one @@ -75,10 +81,10 @@ mode: "0600" when: not is_aio -- name: Ensure kolla venv is sourced on login - lineinfile: +- name: Template extra bashrc + blockinfile: path: /home/kolla/.bashrc - line: "source kolla/bin/activate" + block: "{{ lookup('template', 'bashrc.j2') }}" state: present - name: Set KOLLA_INVENTORY to multinode diff --git a/roles/upload_to_nodes/templates/bashrc.j2 b/roles/upload_to_nodes/templates/bashrc.j2 new file mode 100644 index 0000000..7386bd6 --- /dev/null +++ b/roles/upload_to_nodes/templates/bashrc.j2 
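Review bot: The first roles/upload_to_nodes/tasks/main.yml hunk appears to drop `when: globals_file != None` from the task that ends just above the new one, while the role defaults still ship `globals_file: null`. That task's body is outside the hunk, so confirm it still behaves when no globals file is configured. In the added task, `mode: '0775'` leaves `/home/kolla/init-runonce` group-writable although only the kolla user needs to edit it. Since the script runs OpenStack commands with the `kolla-admin` cloud entry, `mode: '0750'` is a tighter fit.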
@@ -0,0 +1,15 @@
+source kolla/bin/activate
+export EXT_NET_CIDR='{{ external_network_cidr }}'
+export EXT_NET_RANGE='start={{ external_network_dhcp_start }},end={{ external_network_dhcp_end }}'
+export EXT_NET_GATEWAY='{{ external_network_gateway }}'
+
+export DEMO_NET_CIDR='{{ demo_net_cidr }}'
+export DEMO_NET_GATEWAY='{{demo_net_gateway}}'
+export DEMO_NET_DNS='{{demo_net_dns}}'
+
+# Specify clouds.yaml file to use
+export OS_CLIENT_CONFIG_FILE=/etc/kolla/clouds.yaml
+
+# Select admin account from clouds.yaml
+export OS_CLOUD=kolla-admin
+
diff --git a/roles/upload_to_nodes/templates/init-runonce.j2 b/roles/upload_to_nodes/templates/init-runonce.j2
new file mode 100644
index 0000000..ff61239
--- /dev/null
+++ b/roles/upload_to_nodes/templates/init-runonce.j2
@@ -0,0 +1,194 @@
+#!/usr/bin/env bash
+
+set -o errexit
+set -o pipefail
+
+KOLLA_DEBUG=${KOLLA_DEBUG:-0}
+KOLLA_CONFIG_PATH=${KOLLA_CONFIG_PATH:-/etc/kolla}
+
+KOLLA_OPENSTACK_COMMAND="openstack --insecure"
+
+if [[ $KOLLA_DEBUG -eq 1 ]]; then
+ set -o xtrace
+ KOLLA_OPENSTACK_COMMAND="$KOLLA_OPENSTACK_COMMAND --debug"
+fi
+
+# This script is meant to be run once after running start for the first
+# time. This script downloads a cirros image and registers it. Then it
+# configures networking and nova quotas to allow 40 m1.small instances
+# to be created.
+
+ARCH=$(uname -m)
+CIRROS_RELEASE=${CIRROS_RELEASE:-0.6.1}
+IMAGE_PATH=/opt/cache/files/
+IMAGE_URL=https://github.com/cirros-dev/cirros/releases/download/${CIRROS_RELEASE}/
+IMAGE=cirros-${CIRROS_RELEASE}-${ARCH}-disk.img
+IMAGE_NAME=cirros
+IMAGE_TYPE=linux
+
+IP_VERSION=${IP_VERSION:-4}
+
+DEMO_NET_CIDR=${DEMO_NET_CIDR:-'10.0.0.0/24'}
+DEMO_NET_GATEWAY=${DEMO_NET_GATEWAY:-'10.0.0.1'}
+DEMO_NET_DNS=${DEMO_NET_DNS:-'8.8.8.8'}
+
+# This EXT_NET_CIDR is your public network,that you want to connect to the internet via.
+ENABLE_EXT_NET=${ENABLE_EXT_NET:-1}
+EXT_NET_CIDR=${EXT_NET_CIDR:-'10.0.2.0/24'}
+EXT_NET_RANGE=${EXT_NET_RANGE:-'start=10.0.2.150,end=10.0.2.199'}
+EXT_NET_GATEWAY=${EXT_NET_GATEWAY:-'10.0.2.1'}
+
+# Sanitize language settings to avoid commands bailing out
+# with "unsupported locale setting" errors.
+unset LANG
+unset LANGUAGE
+LC_ALL=C
+export LC_ALL
+for i in curl openstack; do
+ if [[ ! $(type ${i} 2>/dev/null) ]]; then
+ if [ "${i}" == 'curl' ]; then
+ echo "Please install ${i} before proceeding"
+ else
+ echo "Please install python-${i}client before proceeding"
+ fi
+ exit
+ fi
+done
+
+# Test for clouds.yaml
+if [[ ! -f ${KOLLA_CONFIG_PATH}/clouds.yaml ]]; then
+ echo "${KOLLA_CONFIG_PATH}/clouds.yaml is missing."
+ echo " Did your deploy finish successfully?"
+ exit 1
+fi
+
+# Specify clouds.yaml file to use
+export OS_CLIENT_CONFIG_FILE=${KOLLA_CONFIG_PATH}/clouds.yaml
+
+# Select admin account from clouds.yaml
+export OS_CLOUD=kolla-admin
+
+
+# Test to ensure configure script is run only once
+if $KOLLA_OPENSTACK_COMMAND image list | grep -q cirros; then
+ echo "This tool should only be run once per deployment."
+ exit
+fi
+
+echo Checking for locally available cirros image.
+# Let's first try to see if the image is available locally
+# nodepool nodes caches them in $IMAGE_PATH
+if ! [ -f "${IMAGE_PATH}/${IMAGE}" ]; then
+ IMAGE_PATH='./'
+ if ! [ -f "${IMAGE_PATH}/${IMAGE}" ]; then
+ echo "None found, downloading cirros image (version $CIRROS_RELEASE)."
+ curl --fail -L -o ${IMAGE_PATH}/${IMAGE} ${IMAGE_URL}/${IMAGE}
+ fi
+else
+ echo Using cached cirros image from the nodepool node.
+fi
+
+echo Creating glance image.
+$KOLLA_OPENSTACK_COMMAND image create --disk-format qcow2 --container-format bare --public \
+ --property os_type=${IMAGE_TYPE} --file ${IMAGE_PATH}/${IMAGE} ${IMAGE_NAME}
+
+echo Configuring neutron.
+
+$KOLLA_OPENSTACK_COMMAND router create demo-router
+
+SUBNET_CREATE_EXTRA=""
+
+if [[ $IP_VERSION -eq 6 ]]; then
+ # NOTE(yoctozepto): Neutron defaults to "unset" (external) addressing for IPv6.
+ # The following is to use stateful DHCPv6 (RA for routing + DHCPv6 for addressing)
+ # served by Neutron Router and DHCP services.
+ # Setting this for IPv4 errors out instead of being ignored.
+ SUBNET_CREATE_EXTRA="${SUBNET_CREATE_EXTRA} --ipv6-ra-mode dhcpv6-stateful"
+ SUBNET_CREATE_EXTRA="${SUBNET_CREATE_EXTRA} --ipv6-address-mode dhcpv6-stateful"
+fi
+
+$KOLLA_OPENSTACK_COMMAND network create demo-net
+$KOLLA_OPENSTACK_COMMAND subnet create --ip-version ${IP_VERSION} \
+ --subnet-range ${DEMO_NET_CIDR} --network demo-net \
+ --gateway ${DEMO_NET_GATEWAY} --dns-nameserver ${DEMO_NET_DNS} \
+ ${SUBNET_CREATE_EXTRA} demo-subnet
+
+$KOLLA_OPENSTACK_COMMAND router add subnet demo-router demo-subnet
+
+if [[ $ENABLE_EXT_NET -eq 1 ]]; then
+ $KOLLA_OPENSTACK_COMMAND network create --external --provider-physical-network physnet1 \
+ --provider-network-type {{ external_network_type }} public1
+ $KOLLA_OPENSTACK_COMMAND subnet create --no-dhcp --ip-version ${IP_VERSION} \
+ --allocation-pool ${EXT_NET_RANGE} --network public1 \
+ --subnet-range ${EXT_NET_CIDR} --gateway ${EXT_NET_GATEWAY} public1-subnet
+
+ if [[ $IP_VERSION -eq 4 ]]; then
+ $KOLLA_OPENSTACK_COMMAND router set --external-gateway public1 demo-router
+ else
+ # NOTE(yoctozepto): In case of IPv6 there is no NAT support in Neutron,
+ # so we have to set up native routing. Static routes are the simplest.
+ # We need a static IP address for the router to demo.
+ $KOLLA_OPENSTACK_COMMAND router set --external-gateway public1 \
+ --fixed-ip subnet=public1-subnet,ip-address=${EXT_NET_DEMO_ROUTER_ADDR} \
+ demo-router
+ fi
+fi
+
+# Get admin user and tenant IDs
+ADMIN_PROJECT_ID=$($KOLLA_OPENSTACK_COMMAND project list | awk '/ admin / {print $2}')
+ADMIN_SEC_GROUP=$($KOLLA_OPENSTACK_COMMAND security group list --project ${ADMIN_PROJECT_ID} | awk '/ default / {print $2}')
+
+# Sec Group Config
+$KOLLA_OPENSTACK_COMMAND security group rule create --ingress --ethertype IPv${IP_VERSION} \
+ --protocol icmp ${ADMIN_SEC_GROUP}
+$KOLLA_OPENSTACK_COMMAND security group rule create --ingress --ethertype IPv${IP_VERSION} \
+ --protocol tcp --dst-port 22 ${ADMIN_SEC_GROUP}
+# Open heat-cfn so it can run on a different host
+$KOLLA_OPENSTACK_COMMAND security group rule create --ingress --ethertype IPv${IP_VERSION} \
+ --protocol tcp --dst-port 8000 ${ADMIN_SEC_GROUP}
+$KOLLA_OPENSTACK_COMMAND security group rule create --ingress --ethertype IPv${IP_VERSION} \
+ --protocol tcp --dst-port 8080 ${ADMIN_SEC_GROUP}
+
+if [ ! -f ~/.ssh/id_ecdsa.pub ]; then
+ echo Generating ssh key.
+ ssh-keygen -t ecdsa -N '' -f ~/.ssh/id_ecdsa
+fi
+if [ -r ~/.ssh/id_ecdsa.pub ]; then
+ echo Configuring nova public key and quotas.
+ $KOLLA_OPENSTACK_COMMAND keypair create --public-key ~/.ssh/id_ecdsa.pub mykey
+fi
+
+# Increase the quota to allow 40 m1.small instances to be created
+
+# 40 instances
+$KOLLA_OPENSTACK_COMMAND quota set --instances 40 ${ADMIN_PROJECT_ID}
+
+# 40 cores
+$KOLLA_OPENSTACK_COMMAND quota set --cores 40 ${ADMIN_PROJECT_ID}
+
+# 96GB ram
+$KOLLA_OPENSTACK_COMMAND quota set --ram 96000 ${ADMIN_PROJECT_ID}
+
+# add default flavors, if they don't already exist
+if !
$KOLLA_OPENSTACK_COMMAND flavor list | grep -q m1.tiny; then + $KOLLA_OPENSTACK_COMMAND flavor create --id 1 --ram 512 --disk 1 --vcpus 1 m1.tiny + $KOLLA_OPENSTACK_COMMAND flavor create --id 2 --ram 2048 --disk 20 --vcpus 1 m1.small + $KOLLA_OPENSTACK_COMMAND flavor create --id 3 --ram 4096 --disk 40 --vcpus 2 m1.medium + $KOLLA_OPENSTACK_COMMAND flavor create --id 4 --ram 8192 --disk 80 --vcpus 4 m1.large + $KOLLA_OPENSTACK_COMMAND flavor create --id 5 --ram 16384 --disk 160 --vcpus 8 m1.xlarge + $KOLLA_OPENSTACK_COMMAND flavor create --id 6 --ram 512 --disk 1 --vcpus 2 m2.tiny +fi + +cat << EOF + +Done. + +To deploy a demo instance, run: + +openstack --os-cloud=kolla-admin server create \\ + --image ${IMAGE_NAME} \\ + --flavor m1.tiny \\ + --key-name mykey \\ + --network demo-net \\ + demo1 +EOF diff --git a/spawn.yml b/spawn.yml index 705d895..ecb9a1d 100644 --- a/spawn.yml +++ b/spawn.yml @@ -14,7 +14,7 @@ libvirt_network_ip_gateway: "{{ network_ssh_ip_gateway }}" libvirt_network_bridge: "{{ network_ssh_bridge }}" libvirt_network_auto_dhcp: false - when: create_networks + when: create_network_ssh - include_role: name: libvirt_network @@ -26,7 +26,7 @@ libvirt_network_ip_prefix: "{{ network_openstack_prefix }}" libvirt_network_bridge: "{{ network_openstack_bridge }}" libvirt_network_type: "route" - when: create_networks + when: create_network_openstack - include_role: name: libvirt_network @@ -39,7 +39,7 @@ libvirt_network_bridge: "{{ network_neutron_bridge }}" libvirt_network_auto_dhcp: false libvirt_network_type: "route" - when: create_networks + when: create_network_neutron - include_role: name: create_aio diff --git a/ssh_config b/ssh_config deleted file mode 100644 index e69de29..0000000
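Review bot: `KOLLA_OPENSTACK_COMMAND="openstack --insecure"` near the top of init-runonce.j2 turns off TLS certificate verification for every API call the script makes, and those calls run with the `kolla-admin` entry from clouds.yaml. Prefer `KOLLA_OPENSTACK_COMMAND="openstack"` and let deployments that use a private CA export `OS_CACERT` instead. Separately, the IPv6 branch passes `ip-address=${EXT_NET_DEMO_ROUTER_ADDR}`, but that variable is never assigned in this file, so with `IP_VERSION=6` the `router set` command receives an empty address. `--provider-network-type {{ external_network_type }}` is templated, yet no `--provider-segment` is passed, so setting the type to `vlan` would not use `external_network_vlan_id` from group_vars.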