Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- #
- #
- # Field PM Team - Please send your feedback/bugs to Gregory Charot - gcharot@redhat.com
- #
- VERSION=2.6
- ######## PLEASE REVIEW ALL OPTIONS BELOW BEFORE RUNNING THE SCRIPT #########
- ##########################################################################
- # #
- # Subscription management #
- # #
- ##########################################################################
- # How do you want to register the systems ?
- # ACCEPTED values are "rhos-release" or "rhn"
- # PLEASE double check options below for each case.
- SUB_TYPE="rhos-release"
- ### For rhos-release only!
- RHOS_VERSION=14
- ### For RHN only!
- # WARNING Test coverage of this feature is limited
- # The script will attach your employee subscription
- # Your RHN login
- RHN_USERNAME="my-rhn-login"
- # Your RHN password - will be asked interactively if left empty
- RHN_PASSWD=""
- # RHEL Major Version
- RHEL_MAJ_VERSION="7"
- # RH-OSP major version
- OSP_MAJ_VERSION="10"
- ##########################################################################
- # #
- # Environment Definitions #
- # #
- ##########################################################################
- ### IRONIC Driver
- # Accepted values are ssh|vbmc
- # pxe_ssh NOT supported starting OSP12
- # Default: vbmc
- IRONIC_DRIVER="vbmc"
- ### VM Memory (GB) and vCPU settings
- # Undercloud
- UNDERC_MEM='20480'
- UNDERC_VCPU='8'
- # Controllers - 12GB or greater is strongly adviced to avoid OOM errors during deployment
- CTRL_MEM='12288'
- CTRL_VCPU='4'
- # Computes
- COMPT_MEM='6144'
- COMPT_VCPU='4'
- # Ceph OSDs
- CEPH_MEM='4096'
- CEPH_VCPU='4'
- # Number of additional disks (OSDs/Journals) to attach to Ceph nodes. Default is 3 AND minimum is 1 - This value does NOT include the O.S disk which is handled automatically.
- CEPH_OSD_DISK=3
- # Custom nodes
- CUST_MEM='4096'
- CUST_VCPU='2'
- ### Overcloud node's list ###
- # IMPORTANT #
- # !!!!! You can add new nodes by adding them to the relevant type !!!
- # For example to add a 4th ceph node please set
- # CEPH_N="ceph01 ceph02 ceph03 ceph04"
- CTRL_N="ctrl01 ctrl02 ctrl03"
- COMPT_N="compute01 compute02"
- CEPH_N="ceph01 ceph02 ceph03 ceph04"
- CUST_N="custom01 custom02"
- # DO NOT change ALL_N variable !
- ALL_N="$CTRL_N $COMPT_N $CEPH_N $CUST_N"
- ### IDM Configuration
- # DEPLOY_IDM="yes" will deploy an IDM container on the hypervisor. IDM will be configured with FQDN: ipa.redhat.local. admin password is "redhat42" The undercloud will be configured to use this IDM.
- DEPLOY_IDM="yes"
- IDM_IMAGE="registry.access.redhat.com/rhel7/ipa-server"
- # IDM "external" bind IP, this IP must be exposed by the hypervisor. Default is to use a dummy IP (available only if IRONIC_DRIVER="vbmc")
- IDM_BIND_IP="192.168.1.20"
- ### Overcloud's node ironic properties ###
- # Defaults work for most cases
- # Controller's nodes Ironic flavor
- CTRL_FLAVOR="control"
- # Controller's nodes scheduler hint - MUST NOT BE EMPTY - You can decide not to use in your THT.
- CTRL_SCHED="controller"
- # Controller's nodes extra properties. Add commas as needed
- CTRL_OTHER_PROP="boot_option:local"
- # Compute's nodes Ironic flavor
- COMPT_FLAVOR="compute"
- # Compute's nodes scheduler hint - MUST NOT BE EMPTY - You can decide not to use it in your THT.
- COMPT_SCHED="compute"
- # Compute's nodes extra properties. Add commas as needed
- COMPT_OTHER_PROP="boot_option:local"
- # Ceph's nodes Ironic flavor
- CEPH_FLAVOR="ceph-storage"
- # Ceph's nodes scheduler hint - MUST NOT BE EMPTY - You can decide not to use it in your THT.
- CEPH_SCHED="ceph"
- # Ceph's nodes extra properties. Add commas as needed
- CEPH_OTHER_PROP="boot_option:local"
- # Custom's nodes Ironic flavor
- CUST_FLAVOR="networker"
- # Custom's nodes scheduler hint - MUST NOT BE EMPTY - You can decide not to use it in your THT.
- CUST_SCHED="networker"
- # Custom's nodes extra properties. Add commas as needed
- CUST_OTHER_PROP="boot_option:local"
- ### Misc options
- LIBVIRT_D="/var/lib/libvirt/"
- RHEL_IMAGE_U="http://10.12.50.1/pub/rhel-7-x86_64-latest.qcow2"
- # You can add new packages to the hypervisor or undercloud system.
- PKG_HYPERVISOR="screen wget libvirt qemu-kvm virt-manager virt-install libguestfs-tools libguestfs-xfs xorg-x11-apps xauth virt-viewer xorg-x11-fonts-* net-tools ntpdate mlocate sshpass squid python-virtualbmc ipmitool python-setuptools"
- PKG_UNDERCLOUD="screen wget mlocate facter python-tripleoclient libvirt libguestfs-tools openstack-utils sshpass crudini ceph-ansible vim vim"
- ### Passwords: undercloud and overcloud images ROOT PASSWORD are set to "redhat"
- ##########################################################################
- # #
- # Miscellaneous #
- # #
- ##########################################################################
- ### Ensure $TERM is defined.
- if [ "$TERM" = "dumb" ]; then export TERM="xterm-256color"; fi
- ### Fancy colors
- RED=$(tput setaf 1)
- GREEN=$(tput setaf 2)
- NORMAL=$(tput sgr0)
- WHO_I_AM="$0"
- ##########################################################################
- # #
- # Common Functions #
- # #
- ##########################################################################
- #
- # Print info message to stderr
- #
- function echoinfo() {
- printf "${GREEN}INFO:${NORMAL} %s\n" "$*" >&2;
- }
- #
- # Print error message to stderr
- #
- function echoerr() {
- printf "${RED}ERROR:${NORMAL} %s\n" "$*" >&2;
- }
- #
- # Print exit message & exit 1
- #
- function exit_on_err()
- {
- echoerr "Failed to deploy - Please check the output, fix the error and restart the script"
- exit 1
- }
- #
- # Help function
- #
- function help() {
- >&2 echo "Usage : osp-lab-deploy [action]
- Deploy and configure virtual Red Hat Openstack Director lab - Version $VERSION
- ACTIONS
- ========
- libvirt-deploy Configure hypervisor and define VMs/Virtual networks
- idm-deploy Deploy Red Hat IDM (IPA) as container on the hypervisor.
- undercloud-install Prepare the undercloud base system for deployment
- overcloud-register Upload overcloud images to glance and register overcloud nodes to Ironic.
- howto Display a quick howto
- "
- }
- function howto()
- {
- >&2 echo "
- ----- How to use osp-lab-deploy -----
- You are using osp-lab-deploy version $VERSION
- Synopsis
- ========
- The program deploys a virtual enviroment ready to use for playing with Red Hat Director.
- Virtual enviroment is based on KVM/Libvirt - By default, 10 VMs will be defined + 1 Provisioning Network.
- * 1 Undercloud VM
- * 3 Controllers VMs
- * 2 Compute VMs
- * 3 Ceph VMs
- * 1 Custom node (Networker profile by default)
- Please NOTE that the script will only deploy the undercloud, other VMs are blank, ready to be deployed by Red Hat Director.
- You can customise the number of VMs of their configuration by editing the script and setting the appropriate options.
- Optionally you can setup a IDM container if you want to deploy OSP with TLS everywhere.
- Automation
- ==========
- If you want to automate the whole process please use smack-my-node-up.sh
- See https://gitlab.cee.redhat.com/gcharot/osp-enablement-tools/blob/master/deployment-tools/smack-my-node-up.sh
- Pre-requisites
- ==============
- - A baremetal hypervisor with a pre-installed RHEL system, a minimum of 64GB RAM is strongly adviced.
- - Please set the CPU and Memory value for each VM flavor by editing the required variables at the begining of the script.
- - Adjust the number of VMs you would like to define.
- - Likewise set the RHEL and OSP version you would like to use. Default is RHEL 7 and OSP10.
- Deploying the environment
- =========================
- Deployment is acheived in four steps :
- 1) Hypervisor configuration and VM's definition
- - Run \"osp-lab-deploy.sh libvirt-deploy\" as root on the hypervisor
- - REBOOT your hypervisor
- 1b) If you want to deploy IDM (DEPLOY_IDM=yes) then
- - Run \"osp-lab-deploy.sh idm-deploy\" as root on the hypervisor
- 2) Undercloud preparation
- - SSH into the undercloud node as root \"ssh root@undercloud\"
- - Run \"sh /tmp/osp-lab-deploy.sh undercloud-install\"
- - REBOOT the undercloud VM
- 3) Undercloud installation
- - Once rebooted ssh back to the undercloud VM as stack user \"ssh stackl@undercloud\"
- - Check the ~/undercloud.conf file, modify it if needed.
- - Install the undercloud as stack user \"openstack undercloud install\"
- 4) Configure and register nodes
- - Run \"sh /tmp/osp-lab-deploy.sh overcloud-register\" as stack user.
- - Check everything is fine.
- You're all set ! Happy hacking !!!
- Please send feedback and bugs to gcharot@redhat.com
- --- The Field PM Team ---
- "
- }
- #
- # Setup rhos-release
- #
- function setup_rhos_release()
- {
- echoinfo "Installing rhos-release..."
- if (rpm -q rhos-release);
- then
- echoinfo "rhos-release already installed, skipping !"
- echoinfo "Removing current configured repositories"
- yum clean all
- rhos-release -x
- else
- rpm -ivh http://rhos-release.virt.bos.redhat.com/repos/rhos-release/rhos-release-latest.noarch.rpm || { echoerr "Unable to install rhos-realease"; return 1; }
- fi
- # If we are on the hypervisor then install the latest puddles
- # TODO: Do this for RHN...
- if !(grep hypervisor /proc/cpuinfo &> /dev/null);
- then
- echoinfo "Hypervisor detected, installing latest puddle release..."
- rhos-release latest-released || { echoerr "Unable to configure rhos-realease to latest-released"; return 1; }
- return 0
- fi
- echoinfo "Configuring rhos-release to OSP $RHOS_VERSION..."
- rhos-release ${RHOS_VERSION}-cdn -p passed_phase2 || { echoerr "Unable to configure rhos-realease to ${RHOS_VERSION}-cdn"; return 1; }
- # Set sub mechanism free OSP major version
- OSP_VERSION=$RHOS_VERSION
- }
- #
- # Setup RHN
- #
- function setup_rhn()
- {
- if [ -z $RHN_PASSWD ]; then
- echo -n "No RHN Password submitted please enter your RHN password for account $RHN_USERNAME: "
- read -s RHN_PASSWD
- echo
- fi
- echoinfo "Registering to RHN..."
- subscription-manager register --username=$RHN_USERNAME --password=$RHN_PASSWD || { echoerr "Unable to register"; return 1; }
- echoinfo "Looking for Employee SKU POOL ID..."
- RHN_POOLID=$(subscription-manager list --available --matches="Employee SKU" --pool-only | head -n1)
- if [ -z $RHN_POOLID ];
- then
- echoerr "Unable to find Employee SKU POOL ID"
- return 1
- else
- echoinfo "Found POOL ID $RHN_POOLID"
- fi
- echoinfo "Attaching pool $RHN_POOLID..."
- subscription-manager attach --pool=$RHN_POOLID || { echoerr "Unable to attach Employee SKU POOL ID"; return 1; }
- echoinfo "Configuring repositories..."
- subscription-manager repos --disable=* &>/dev/null
- subscription-manager repos --enable=rhel-${RHEL_MAJ_VERSION}-server-rpms --enable=rhel-${RHEL_MAJ_VERSION}-server-extras-rpms \
- --enable=rhel-${RHEL_MAJ_VERSION}-server-rh-common-rpms --enable=rhel-ha-for-rhel-${RHEL_MAJ_VERSION}-server-rpms \
- --enable=rhel-${RHEL_MAJ_VERSION}-server-openstack-${OSP_MAJ_VERSION}-rpms || { echoerr "Unable to enable required repositories"; return 1; }
- # Set sub mechanism free OSP major version
- OSP_VERSION=$OSP_MAJ_VERSION
- }
- #
- # Install required packages
- #
- function install_packages()
- {
- local pkg_list=$1
- echoinfo "---===== Configuring repositories =====---"
- if [ "$SUB_TYPE" = "rhos-release" ];
- then
- setup_rhos_release || exit_on_err
- elif [ "$SUB_TYPE" = "rhn" ];
- then
- setup_rhn || exit_on_err
- else
- echoerr "Incorrect registration option specified : $SUB_TYPE - Correct values are rhos-release or rhn"
- return 1
- fi
- # Check Ironic driver
- if [ "$IRONIC_DRIVER" = "vbmc" ];
- then
- echoinfo "Virtual BMC Ironic driver selected"
- elif [ "$IRONIC_DRIVER" = "ssh" ];
- then
- echoinfo "Pxe SSH Ironic driver selected"
- else
- echoerr "Incorrect Ironic Driver selected : $IRONIC_DRIVER ! Accepted values are ssh or vbmc"
- return 1
- fi
- echoinfo "---===== Installing Packages =====---"
- echoinfo "Updating system..."
- yum update -y || { echoerr "Unable to update system"; return 1; }
- echoinfo "Installing required packages..."
- yum install $pkg_list -y || { echoerr "Unable to install required packages"; return 1; }
- }
- ##########################################################################
- # #
- # Hypervisor & Libvirt functions #
- # #
- ##########################################################################
- #
- # Check dependencies + some sanity checks
- #
- function check_requirements()
- {
- # List of command dependencies
- local bin_dep="virsh virt-install qemu-img virt-resize virt-filesystems virt-customize"
- if [ "$IRONIC_DRIVER" = "vbmc" ];
- then
- bin_dep="$bin_dep vbmc"
- fi
- echoinfo "---===== Checking dependencies =====---"
- for cmd in $bin_dep; do
- echoinfo "Checking for $cmd..."
- $cmd --version >/dev/null 2>&1 || { echoerr "$cmd cannot be found... Aborting"; return 1; }
- done
- echoinfo "---===== Performing sanity checks =====---"
- if [ "$CEPH_OSD_DISK" -lt 1 ];
- then
- echoerr "You need to have at least one additional disk (OSD) attached to your Ceph nodes - Please configure the CEPH_OSD_DISK variable accordingly"
- return 1
- fi
- }
- #
- # Miscellaneous system config
- #
- function libv_misc_sys_config()
- {
- echoinfo "---===== Misc System Config =====---"
- echoinfo "Creating system user stack..."
- useradd stack
- echoinfo "Setting stack user password to redhat"
- echo "redhat" | passwd stack --stdin
- echoinfo "Configuring /etc/modprobe.d/kvm_intel.conf"
- cat << EOF > /etc/modprobe.d/kvm_intel.conf
- options kvm-intel nested=1
- options kvm-intel enable_shadow_vmcs=1
- options kvm-intel enable_apicv=1
- options kvm-intel ept=1
- EOF
- echoinfo "Configuring /etc/sysctl.d/98-rp-filter.conf"
- cat << EOF > /etc/sysctl.d/98-rp-filter.conf
- net.ipv4.conf.default.rp_filter = 0
- net.ipv4.conf.all.rp_filter = 0
- EOF
- echoinfo "Applying RP filter on running interfaces"
- for i in $(sysctl -A | grep "\.rp_filter" | cut -d" " -f1); do
- sysctl $i=0
- done
- echoinfo "Configuring /etc/polkit-1/localauthority/50-local.d/50-libvirt-user-stack.pkla"
- cat << EOF > /etc/polkit-1/localauthority/50-local.d/50-libvirt-user-stack.pkla
- [libvirt Management Access]
- Identity=unix-user:stack
- Action=org.libvirt.unix.manage
- ResultAny=yes
- ResultInactive=yes
- ResultActive=yes
- EOF
- echoinfo "Creating SSH keypair"
- if [ -e ~/.ssh/id_rsa ]; then
- echoinfo "SSH keypair already exists, skipping..."
- else
- ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N ""
- fi
- echoinfo "Starting Libvirtd"
- systemctl start libvirtd || { echoerr "Unable to start libvirtd"; return 1; }
- echoinfo "Ensuring IPTables service is disabled"
- systemctl disable --now iptables.service
- echoinfo "Ensuring firewalld is enabled and running"
- systemctl enable --now firewalld || { echoerr "Unable to start firewalld"; return 1; }
- echoinfo "Configuring Squid"
- # Allow squid client to connect to https servers other than 443
- sed -i 's/\(http_access deny !Safe_ports\)/#\1/; s/\(http_access deny CONNECT !SSL_ports\)/#\1/' /etc/squid/squid.conf
- systemctl enable squid || { echoerr "Unable to enable Squid"; return 1; }
- systemctl start squid || { echoerr "Unable to start Squid"; return 1; }
- firewall-cmd --permanent --add-service=squid
- firewall-cmd --reload
- }
- #
- # Disable DHCP on default network + create provisioning network
- #
- function define_virt_net()
- {
- echoinfo "---===== Create virtual networks =====---"
- cat > /tmp/provisioning.xml <<EOF
- <network>
- <name>provisioning</name>
- <ip address="172.16.0.254" netmask="255.255.255.0"/>
- </network>
- EOF
- echoinfo "Defining provisioning network..."
- virsh net-define /tmp/provisioning.xml || { echoerr "Unable to define provisioning network"; return 1; }
- echoinfo "Setting net-autostart to provisioning network..."
- virsh net-autostart provisioning || { echoerr "Unable to configure provisioning network"; return 1; }
- echoinfo "Starting provisioning network..."
- virsh net-start provisioning || { echoerr "Unable to start provisioning network"; return 1; }
- echoinfo "Disabling DHCP on default network..."
- if(virsh net-dumpxml default | grep dhcp &>/dev/null); then
- virsh net-update default delete ip-dhcp-range "<range start='192.168.122.2' end='192.168.122.254'/>" --live --config || { echoerr "Unable to disable DHCP on default network"; return 1; }
- else
- echoinfo "DHCP already disabled, skipping"
- fi
- }
- #
- # Create generic RHEL image disk
- #
- function define_basic_image()
- {
- echoinfo "---===== Create generic RHEL image =====---"
- pushd ${LIBVIRT_D}/images/
- echoinfo "Downloading basic RHEL image from $RHEL_IMAGE_U..."
- curl -o rhel7-guest-official.qcow2 $RHEL_IMAGE_U || { echoerr "Unable to download RHEL IMAGE"; return 1; }
- echoinfo "Cloning RHEL image to a 100G sparse image..."
- qemu-img create -f qcow2 rhel7-guest.qcow2 100G || { echoerr "Unable to create sparse clone"; return 1; }
- echoinfo "Checking image disk size..."
- qemu-img info rhel7-guest.qcow2 | grep 100G &>/dev/null || { echoerr "Incorrect image disk size"; return 1; }
- echoinfo "Extending file system..."
- virt-resize --expand /dev/sda1 rhel7-guest-official.qcow2 rhel7-guest.qcow2 || { echoerr "Unable to extend file system"; return 1; }
- echoinfo "Checking image filesystem size..."
- virt-filesystems --long -h -a rhel7-guest.qcow2 | grep 100G &> /dev/null || { echoerr "Incorrect image filesystem size"; return 1; }
- echoinfo "Deleting old image..."
- rm -f rhel7-guest-official.qcow2
- popd
- }
- #
- # Define & setup undercloud VM
- #
- function define_undercloud_vm()
- {
- echoinfo "---===== Create Undercloud VM =====---"
- pushd ${LIBVIRT_D}/images/
- echoinfo "Create disk from generic image..."
- qemu-img create -f qcow2 -b rhel7-guest.qcow2 undercloud.qcow2 || { echoerr "Unable to create undercloud disk image"; return 1; }
- echoinfo "Customizing VM..."
- virt-customize -a undercloud.qcow2 --root-password password:redhat --ssh-inject "root:file:/root/.ssh/id_rsa.pub" --selinux-relabel --run-command 'yum remove cloud-init* -y && cp /etc/sysconfig/network-scripts/ifcfg-eth{0,1} && sed -i s/ONBOOT=.*/ONBOOT=no/g /etc/sysconfig/network-scripts/ifcfg-eth0 && cat << EOF > /etc/sysconfig/network-scripts/ifcfg-eth1
- DEVICE=eth1
- ONBOOT=yes
- IPADDR=192.168.122.253
- NETMASK=255.255.255.0
- GATEWAY=192.168.122.1
- NM_CONTROLLED=no
- DNS1=192.168.122.1
- DOMAIN=redhat.local
- EOF' || { echoerr "Unable to customise undercloud VM"; return 1; }
- echoinfo "Creating undercloud VM: ${UNDERC_VCPU}vCPUs / ${UNDERC_MEM}MB RAM..."
- virt-install --ram $UNDERC_MEM --vcpus $UNDERC_VCPU --os-variant rhel7 \
- --disk path=${LIBVIRT_D}/images/undercloud.qcow2,device=disk,bus=virtio,format=qcow2 \
- --import --noautoconsole --vnc --network network:provisioning \
- --network network:default --name undercloud || { echoerr "Unable to create undercloud VM"; return 1; }
- popd
- echoinfo "Enable undercloud VM at hypervisor boot"
- virsh autostart undercloud || { echoerr "Unable to set autostart on undercloud VM"; return 1; }
- echoinfo "Configuring /etc/hosts..."
- echo -e "192.168.122.253\t\tundercloud.redhat.local\tundercloud" >> /etc/hosts
- # Remove entry from known_host just in case
- sed -ie '/undercloud/d' ~/.ssh/known_hosts &> /dev/null
- echoinfo "Waiting for undercloud to come up"
- sleep 10
- local nb_tries=0 # Number of SSH connections to try
- local success=0 # Set to 1 if connection worked
- until [ $nb_tries -ge 5 ]
- do
- ssh -o ConnectTimeout=3 -o StrictHostKeyChecking=no root@undercloud "uptime" &> /dev/null
- if [ $? -eq 0 ]; then
- echoinfo "Successfully connected to the undercloud"
- success=1
- break
- fi
- nb_tries=$[$nb_tries+1]
- sleep 10
- done
- if [ $success -eq 0 ]; then
- echoerr "Unable to SSH to the undercloud - Has it rebooted properly ?"
- return 1
- fi
- echoinfo "SCP script to undercloud..."
- scp -o StrictHostKeyChecking=no $WHO_I_AM root@undercloud:/tmp || { echoerr "Unable to copy $WHO_I_AM to undercloud"; return 1; }
- echo
- }
- #
- # Define overcloud VMs
- #
- function define_overcloud_vms()
- {
- echoinfo "---===== Create overcloud VMs =====---"
- cd ${LIBVIRT_D}/images/
- for i in $ALL_N;
- do
- echoinfo "Creating disk image for node $i..."
- qemu-img create -f qcow2 -o preallocation=metadata overcloud-$i.qcow2 100G || { echoerr "Unable to define disk overcloud-$i.qcow2"; return 1; }
- done
- for i in $CEPH_N;
- do
- echoinfo "Creating additional disk's image(s) for node $i..."
- for((n=1;n<=$CEPH_OSD_DISK;n+=1)); do
- echoinfo "Creating additional disk $n - ${LIBVIRT_D}/images/overcloud-${i}-storage-${n}.qcow2"
- qemu-img create -f qcow2 -o preallocation=metadata overcloud-${i}-storage-${n}.qcow2 100G || { echoerr "Unable to define disk overcloud-$i-storage-${n}.qcow2"; return 1; }
- done
- echo
- done
- echoinfo "Defining controller nodes..."
- echo
- for i in $CTRL_N;
- do
- echoinfo "Defining node overcloud-$i..."
- virt-install --ram $CTRL_MEM --vcpus $CTRL_VCPU --os-variant rhel7 \
- --disk path=${LIBVIRT_D}/images/overcloud-$i.qcow2,device=disk,bus=virtio,format=qcow2 \
- --noautoconsole --vnc --network network:provisioning \
- --network network:default --network network:default \
- --name overcloud-$i \
- --cpu SandyBridge,+vmx \
- --dry-run --print-xml > /tmp/overcloud-$i.xml;
- # Fix for OSP10 + vBMC
- sed -i "/<os>/a\ <bios rebootTimeout='0'\/>" /tmp/overcloud-$i.xml
- virsh define --file /tmp/overcloud-$i.xml || { echoerr "Unable to define overcloud-$i"; return 1; }
- done
- echoinfo "Defining compute nodes..."
- echo
- for i in $COMPT_N;
- do
- echoinfo "Defining node overcloud-$i..."
- virt-install --ram $COMPT_MEM --vcpus $COMPT_VCPU --os-variant rhel7 \
- --disk path=${LIBVIRT_D}/images/overcloud-$i.qcow2,device=disk,bus=virtio,format=qcow2 \
- --noautoconsole --vnc --network network:provisioning \
- --network network:default --network network:default \
- --name overcloud-$i \
- --cpu SandyBridge,+vmx \
- --dry-run --print-xml > /tmp/overcloud-$i.xml
- # Fix for OSP10 + vBMC
- sed -i "/<os>/a\ <bios rebootTimeout='0'\/>" /tmp/overcloud-$i.xml
- virsh define --file /tmp/overcloud-$i.xml || { echoerr "Unable to define overcloud-$i"; return 1; }
- done
- echoinfo "Defining ceph nodes..."
- echo
- for i in $CEPH_N;
- do
- echoinfo "Defining node overcloud-$i..."
- virt-install --ram $CEPH_MEM --vcpus $CEPH_VCPU --os-variant rhel7 \
- --disk path=${LIBVIRT_D}/images/overcloud-$i.qcow2,device=disk,bus=virtio,format=qcow2 \
- $(for((n=1;n<=$CEPH_OSD_DISK;n+=1)); do echo -n "--disk path=${LIBVIRT_D}/images/overcloud-$i-storage-${n}.qcow2,device=disk,bus=virtio,format=qcow2 "; done) \
- --noautoconsole --vnc --network network:provisioning \
- --network network:default --network network:default \
- --name overcloud-$i \
- --cpu SandyBridge,+vmx \
- --dry-run --print-xml > /tmp/overcloud-$i.xml
- # Fix for OSP10 + vBMC
- sed -i "/<os>/a\ <bios rebootTimeout='0'\/>" /tmp/overcloud-$i.xml
- virsh define --file /tmp/overcloud-$i.xml || { echoerr "Unable to define overcloud-$i"; return 1; }
- done
- echoinfo "Defining custom nodes..."
- echo
- for i in $CUST_N;
- do
- echoinfo "Defining custom node overcloud-$i..."
- virt-install --ram $CUST_MEM --vcpus $CUST_VCPU --os-variant rhel7 \
- --disk path=${LIBVIRT_D}/images/overcloud-$i.qcow2,device=disk,bus=virtio,format=qcow2 \
- --noautoconsole --vnc --network network:provisioning \
- --network network:default --network network:default \
- --name overcloud-$i \
- --cpu SandyBridge,+vmx \
- --dry-run --print-xml > /tmp/overcloud-$i.xml
- # Fix for OSP10 + vBMC
- sed -i "/<os>/a\ <bios rebootTimeout='0'\/>" /tmp/overcloud-$i.xml
- virsh define --file /tmp/overcloud-$i.xml || { echoerr "Unable to define overcloud-$i..."; return 1; }
- done
- rm -f /tmp/overcloud-*
- }
- function configure_vbmc()
- {
- echoinfo "---===== Configuring Virtual BMC =====---"
- echoinfo "Setting up dummy IPs..."
- echoinfo "Adding dummy kernel module at system boot"
- echo dummy > /etc/modules-load.d/dummy.conf
- echoinfo "Generating config file /etc/sysconfig/network-scripts/ifcfg-dummy0"
- cat << EOF > /etc/sysconfig/network-scripts/ifcfg-dummy0
- DEVICE=dummy0
- ONBOOT=yes
- NM_CONTROLLED="no"
- IPADDR=192.168.1.1
- PREFIX=24
- $(for ((i=2;i<=20;i++)); do
- echo IPADDR${i}=192.168.1.${i}
- echo PREFIX${i}=24
- done)
- EOF
- echoinfo "Loading dummy kernel module"
- modprobe dummy || { echoerr "Unable to load dummy kernel module"; return 1; }
- echoinfo "Bringing up dummy0 interface"
- ifup dummy0 || { echoerr "Unable to bring up dummy0 interface"; return 1; }
- echoinfo "Creating VirtualBMC systemd unit file"
- cat << EOF > /usr/lib/systemd/system/virtualbmc@.service
- [Unit]
- Description=VirtualBMC %i service
- After=network.target libvirtd.services
- [Service]
- Type=forking
- PIDFile=/root/.vbmc/%i/pid
- ExecStart=/bin/vbmc start %i
- ExecStop=/bin/vbmc stop %i
- Restart=always
- [Install]
- WantedBy=multi-user.target
- EOF
- echoinfo "Configure Firewall for vBMC..."
- echoinfo "Opening port 623/udp"
- sudo firewall-cmd --zone=public --add-port=623/udp --permanent || { echoerr "Unable to open port 623/udp..."; return 1; }
- echoinfo "Restarting firewall"
- firewall-cmd --reload || { echoerr "Unable to restart firewalld..."; return 1; }
- echoinfo "Adding nodes to Virtual BMC..."
- count=1
- for i in $(virsh list --all | awk ' /overcloud/ {print $2}'); do
- echoinfo "Adding node $i to Virtual BMC"
- vbmc add $i --address 192.168.1.${count} --username admin --password redhat || { echoerr "Unable to add $i to Virtual BMC..."; return 1; }
- echoinfo "Starting Virtual BMC service for node $i"
- systemctl enable --now virtualbmc@${i} || { echoerr "Unable to start Virtual BMC service for $i..."; return 1; }
- echoinfo "Testing IPMI connection on node $i"
- ipmitool -I lanplus -U admin -P redhat -H 192.168.1.${count} power status || { echoerr "IPMI test on node $i failed..."; return 1; }
- count=$((count+1))
- done
- echoinfo "Setting VirtualBMC sudo permissions for stack users"
- echo -e "stack\tALL=(root)\tNOPASSWD:/usr/bin/vbmc" > /etc/sudoers.d/vbmc
- }
- #
- # Summary output
- #
- function libv_post_install_output()
- {
- echo
- echoinfo "---===== SUMMARY =====---"
- echo
- echo "You can connect to the undercloud VM with ssh root@undercloud / p: redhat / IP : 192.168.122.253"
- echo
- echo "Two virtual networks have been set"
- echo "- Default : 192.168.122.0/24 / GW : 192.168.122.1"
- echo "- Provisioning : 172.16.0.0/24 / GW : 172.16.0.254"
- echo
- echo "List your VMs with virsh list --all"
- echo
- echo "Use default network for overcloud traffic - Use eth1 & eth2 for bonding"
- echo
- echoinfo "Next steps :"
- echo "---- ${RED} !!! PLEASE REBOOT YOUR SYSTEM !!! ${NORMAL}----"
- echo "- Optional Run \"osp-lab-deploy.sh idm-deploy\" as root on the hypervisor if you've set DEPLOY_IDM=yes"
- echo "- ssh root@undercloud"
- echo "- run sh /tmp/osp-lab-deploy.sh undercloud-install as root"
- echo
- echo "Happy hacking !!! - The field PM Team"
- }
- function libvirt_deploy()
- {
- echoinfo "Checking UID..."
- if [ $UID -ne 0 ]; then
- echoerr "Please run this script as root"
- exit_on_err
- fi
- install_packages "$PKG_HYPERVISOR" || exit_on_err
- check_requirements || exit_on_err
- libv_misc_sys_config || exit_on_err
- define_virt_net || exit_on_err
- define_basic_image || exit_on_err
- define_undercloud_vm || exit_on_err
- define_overcloud_vms || exit_on_err
- if [ "$IRONIC_DRIVER" = "vbmc" ];
- then
- configure_vbmc || exit_on_err
- fi
- libv_post_install_output
- }
- ##########################################################################
- # #
- # Undercloud install functions #
- # #
- ##########################################################################
- #
- # Miscellaneous system config
- #
- function undercloud_misc_sys_config()
- {
- echoinfo "---===== Misc System Config =====---"
- echoinfo "Setting Hostname to undercloud.redhat.local"
- hostnamectl set-hostname undercloud.redhat.local || { echoerr "Unable to set hostname undercloud.redhat.local"; return 1; }
- # Set undercloud DNS to IPA IP if DEPLOY_IDM="yes"
- if [ $DEPLOY_IDM = "yes" ]; then
- sed -i "/DNS1=/c\DNS1=$IDM_BIND_IP" /etc/sysconfig/network-scripts/ifcfg-eth1 || { echoerr "Unable to set DNS to $IDM_BIND_IP"; return 1; }
- fi
- echoinfo "Restarting network service"
- systemctl restart network || { echoerr "Unable to restart network service"; return 1; }
- echoinfo "Populating Hosts file"
- ipaddr=$(facter ipaddress_eth1)
- echo -e "$ipaddr\t\tundercloud.redhat.local\tundercloud" >> /etc/hosts
- echoinfo "Creating system user stack..."
- useradd stack
- echoinfo "Setting stack user password to redhat"
- echo "redhat" | passwd stack --stdin
- echoinfo "Creating SSH keypair"
- if [ -e /home/stack/.ssh/id_rsa ]; then
- echoinfo "SSH keypair already exists, skipping..."
- else
- sudo -u stack ssh-keygen -b 2048 -t rsa -f /home/stack/.ssh/id_rsa -q -N ""
- fi
- echoinfo "Adding hypervisor's SSH key to stack user authorized_keys"
- cp /root/.ssh/authorized_keys /home/stack/.ssh/authorized_keys
- chown stack:stack /home/stack/.ssh/authorized_keys
- echoinfo "Adding stack user to sudoers"
- echo "stack ALL=(root) NOPASSWD:ALL" | tee -a /etc/sudoers.d/stack
- chmod 0440 /etc/sudoers.d/stack
- echoinfo "Copying stack user SSH key to hypervisor..."
- sudo -u stack sshpass -p 'redhat' ssh-copy-id -o StrictHostKeyChecking=no stack@192.168.122.1 || { echoerr "Unable to copy SSH key to hypervisor - Check password authentication is enabled"; return 1; }
- echoinfo "Testing virsh connection to hypervisor"
- sudo -u stack virsh -c qemu+ssh://stack@192.168.122.1/system list || { echoerr "Unable to connect to the hypervisor"; return 1; }
- echoinfo "Disabling Libvirtd on the undercloud"
- systemctl disable libvirtd
- }
- function configure_undercloud()
- {
- echoinfo "Configuring undercloud.conf"
- sudo -u stack cp /usr/share/instack-undercloud/undercloud.conf.sample /home/stack/undercloud.conf || { echoerr "Failed to copy sample undercloud file to /home/stack/"; return 1; }
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT local_ip 172.16.0.1/24
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT local_interface eth0
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT masquerade_network 172.16.0.0/24
- if [ $OSP_VERSION -le 13 ]; then
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT undercloud_public_vip 172.16.0.10
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT undercloud_admin_vip 172.16.0.11
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT dhcp_start 172.16.0.20
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT dhcp_end 172.16.0.120
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT network_cidr 172.16.0.0/24
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT network_gateway 172.16.0.1
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT discovery_iprange 172.16.0.150,172.16.0.180
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT inspection_iprange 172.16.0.150,172.16.0.180
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT generate_service_certificate false
- # OSP14+ some undercloud.conf parameters change and the undercloud is now containerised
- else
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT undercloud_public_host 172.16.0.10
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT undercloud_admin_host 172.16.0.11
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT clean_nodes true
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT container_images_file /home/stack/undercloud-templates/containers-prepare-parameter.yaml
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT custom_env_files /home/stack/undercloud-templates/ntp.yaml
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT docker_insecure_registries docker-registry.engineering.redhat.com
- sudo -u stack crudini --set /home/stack/undercloud.conf ctlplane-subnet local_subnet ctlplane-subnet
- sudo -u stack crudini --set /home/stack/undercloud.conf ctlplane-subnet masquerade true
- sudo -u stack crudini --set /home/stack/undercloud.conf ctlplane-subnet cidr 172.16.0.0/24
- sudo -u stack crudini --set /home/stack/undercloud.conf ctlplane-subnet gateway 172.16.0.1
- sudo -u stack crudini --set /home/stack/undercloud.conf ctlplane-subnet inspection_iprange 172.16.0.150,172.16.0.180
- sudo -u stack crudini --set /home/stack/undercloud.conf ctlplane-subnet dhcp_start 172.16.0.20
- sudo -u stack crudini --set /home/stack/undercloud.conf ctlplane-subnet dhcp_end 172.16.0.120
- sudo -u stack mkdir /home/stack/undercloud-templates || { echoerr "Failed to create /home/stack/undercloud-templates directory"; return 1; }
- echoinfo "Generating containers-prepare-parameter.yaml..."
- sudo -u stack openstack tripleo container image prepare default --local-push-destination --output-env-file /home/stack/undercloud-templates/containers-prepare-parameter.yaml || \
- { echoerr "Failed to generate /home/stack/undercloud-templates/containers-prepare-parameter.yaml "; return 1; }
- # Set container registry to internal one if using rhos-release
- # if [ "$SUB_TYPE" = "rhos-release" ]; then
- # sudo -u stack sed -i "s?registry.access.redhat.com/rhosp14?docker-registry.engineering.redhat.com/rhosp${OSP_VERSION}?" /home/stack/undercloud-templates/containers-prepare-parameter.yaml
- # fi
- echoinfo "Generating ntp.yaml"
- sudo -u stack cat << EOF > /home/stack/undercloud-templates/ntp.yaml
- parameter_defaults:
- NtpServer: '10.16.255.1'
- EOF
- fi
- if [ $DEPLOY_IDM = "yes" ]; then
- echoinfo "Installing novajoin..."
- sudo yum install -y python-novajoin || { echoerr "Failed to install python-novajoin"; return 1; }
- echoinfo "Getting OTP from IDM..."
- otp=$(sudo /usr/libexec/novajoin-ipa-setup \
- --principal admin \
- --password redhat42 \
- --server ipa.redhat.local \
- --realm REDHAT.LOCAL \
- --domain redhat.local \
- --hostname undercloud.redhat.local \
- --precreate)
- if [ $? -eq 0 ]; then
- echoinfo "Successfully retrieved OTP from IDM: $OTP"
- else
- echoerr "Failed to retrieve OTP password from IDM!"
- return 1
- fi
- echoinfo "Configuring IDM parameters in undercloud.conf"
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT enable_novajoin true
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT ipa_otp $otp
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT undercloud_hostname undercloud.redhat.local
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT overcloud_domain_name redhat.local
- sudo -u stack crudini --set /home/stack/undercloud.conf DEFAULT undercloud_nameservers $IDM_BIND_IP
- fi
- }
- #
- # Summary output
- #
- function undercloud_post_install_output()
- {
- echo
- echoinfo "---===== SUMMARY =====---"
- echo
- echo "Base system and undercloud configuration completed !"
- echoinfo "Next steps :"
- echo "- !!!! REBOOT the undercloud VM !!!!"
- echo "- Check ~stack/undercloud.conf file"
- echo "- Run openstack undercloud install as stack user"
- echo "- Check the undercloud install is successful"
- echo "- Run osp-lab-deploy.sh overcloud-register as stack user"
- }
- function undercloud_install()
- {
- echoinfo "Checking UID..."
- if [ $UID -ne 0 ]; then
- echoerr "Please run this script as root"
- exit_on_err
- fi
- install_packages "$PKG_UNDERCLOUD" || exit_on_err
- undercloud_misc_sys_config || exit_on_err
- configure_undercloud || exit_on_err
- undercloud_post_install_output
- }
- ##########################################################################
- # #
- # Undercloud node registration functions #
- # #
- ##########################################################################
- function upload_overcloud_image()
- {
- echoinfo "---===== Upload Overcloud images =====---"
- echoinfo "Installing package rhosp-director-images..."
- sudo yum install rhosp-director-images -y || { echoerr "Unable to install package rhosp-director-images"; return 1; }
- echoinfo "Create /home/stack/images directory"
- mkdir -p ~/images/
- cd ~/images/
- echoinfo "Extracting IPA image to ~/images..."
- tar xvf /usr/share/rhosp-director-images/ironic-python-agent.tar -C . || { echoerr "Unable to extract IPA image"; return 1; }
- echoinfo "Extracting overcloud image to ~/images..."
- tar xvf /usr/share/rhosp-director-images/overcloud-full.tar -C . || { echoerr "Unable to extract overcloud images"; return 1; }
- echoinfo "Customising overcloud image..."
- virt-customize -a ~/images/overcloud-full.qcow2 --root-password password:redhat --run-command "rpm -ivh http://rhos-release.virt.bos.redhat.com/repos/rhos-release/rhos-release-latest.noarch.rpm && rhos-release ${RHOS_VERSION}-cdn" || { echoerr "Unable to customise overcloud image"; return 1; }
- echoinfo "Uploading images to glance"
- openstack overcloud image upload || { echoerr "Failed to upload images to glance"; return 1; }
- }
- #
- # Dynamic instackenv generation for VirtualBMC (nasty bash)
- #
- function generate_instackenv_vbmc()
- {
- echoinfo "Generating ~/instackenv.json file with VirtualBMC (pxe_ipmitool) driver..."
- echoinfo "Retrieving VirtualBMC assignments"
- ssh stack@192.168.122.1 sudo vbmc list | awk ' /overcloud/ {print $2" "$6}' > /tmp/vbmc_assign
- (
- count=1
- cat << EOF
- {
- "nodes": [
- EOF
- for node in $ALL_N; do
- cat << EOF
- {
- "name": "overcloud-$node",
- "pm_addr": "$(grep overcloud-$node /tmp/vbmc_assign | cut -d' ' -f2)",
- "pm_password": "redhat",
- "pm_type": "pxe_ipmitool",
- "mac": [
- "$(sed -n ${count}p /tmp/nodes.txt)"
- ],
- "pm_user": "admin"
- },
- EOF
- (( count += 1 ))
- done
- cat << EOF
- ]
- }
- EOF
- )>/tmp/instackenv.tmp
- # Find the last '},' line so we can remove the ',' - yeah ugly hein :)
- # TODO: Find something more elegant
- LINE=$(($(cat /tmp/instackenv.tmp | wc -l) - 2))
- # Remove ',' from the last block
- sed -i -e "${LINE}s/,//g" /tmp/instackenv.tmp
- jq . /tmp/instackenv.tmp > ~/instackenv.json
- }
- #
- # Dynamic instackenv generation for PXE_SSH (nasty bash)
- #
- function generate_instackenv_ssh()
- {
- echoinfo "Generating ~/instackenv.json file with pxe_ssh driver"
- (
- count=1
- cat << EOF
- {
- "nodes": [
- EOF
- for node in $ALL_N; do
- cat << EOF
- {
- "pm_user": "stack",
- "mac": [
- "$(sed -n ${count}p /tmp/nodes.txt)"
- ],
- "pm_type": "pxe_ssh",
- "pm_password": "$(cat ~/.ssh/id_rsa)",
- "pm_addr": "192.168.122.1",
- "name": "overcloud-$node"
- },
- EOF
- (( count += 1 ))
- done
- cat << EOF
- ]
- }
- EOF
- )>/tmp/instackenv.tmp
- # Find the last '},' line so we can remove the ',' - yeah ugly hein :)
- LINE=$(($(cat /tmp/instackenv.tmp | wc -l) - 2))
- # Remove ',' from the last block
- sed -i -e "${LINE}s/,//g" /tmp/instackenv.tmp
- jq . /tmp/instackenv.tmp > ~/instackenv.json
- }
- #
- # Register overcloud nodes into undercloud's Ironic and introspect nodes
- #
- function register_overcloud_nodes()
- {
- echoinfo "---===== Registering overcloud images =====---"
- cd ~
- echoinfo "Dumping overcloud's nodes provisioning MAC addresses to /tmp/nodes.txt"
- for i in $ALL_N; do
- echoinfo "Looking for node $i"
- virsh -c qemu+ssh://stack@192.168.122.1/system domiflist overcloud-$i | awk '$3 == "provisioning" {print $5};' || { echoerr "Unable to get MAC address of node $i"; return 1; }
- done > /tmp/nodes.txt
- if [ "$IRONIC_DRIVER" = "vbmc" ];
- then
- generate_instackenv_vbmc
- elif [ "$IRONIC_DRIVER" = "ssh" ];
- then
- generate_instackenv_ssh
- else
- echoerr "Incorrect Ironic Driver selected : $IRONIC_DRIVER ! Accepted values are ssh or vbmc"
- return 1
- fi
- echoinfo "Importing overcloud nodes and introspecting nodes..."
- openstack overcloud node import --provide instackenv.json --introspect --provide --instance-boot-option local || { echoerr "Failed to import/instrospect nodes !"; return 1; }
- if [ $DEPLOY_IDM = "yes" ]; then
- local dns=$IDM_BIND_IP
- else
- local dns=192.168.122.1
- fi
- echoinfo "Setting DNS to $dns on Neutron provisioning network..."
- openstack subnet set --dns-nameserver $dns ctlplane-subnet
- echoinfo "Setting docker-registry.engineering.redhat.com to the list of insecure registries"
- sudo sed -i '/INSECURE_REGISTRY/c\INSECURE_REGISTRY="--insecure-registry 172.16.0.1:8787 --insecure-registry 172.16.0.11:8787 --insecure-registry docker-registry.engineering.redhat.com"' /etc/sysconfig/docker
- echoinfo "Restarting docker service"
- sudo systemctl restart docker
- }
- #
- # Tag overcloud nodes to their respective properties.
- #
- function tag_overcloud_nodes()
- {
- local sched_incr=0
- echoinfo "---===== Tag overcloud images =====---"
- echoinfo "Tagging Controller nodes to $CTRL_FLAVOR profile and $CTRL_SCHED scheduler hint..."
- for i in $CTRL_N; do
- echoinfo "Setting up $i..."
- openstack baremetal node set overcloud-$i --property capabilities=profile:${CTRL_FLAVOR},node:${CTRL_SCHED}-${sched_incr},${CTRL_OTHER_PROP} || { echoerr "Setting Ironic properties on node $i failed !"; return 1; }
- ((sched_incr+=1))
- done
- echoinfo "Tagging Compute nodes to $COMPT_FLAVOR profile and $COMPT_SCHED scheduler hint..."
- sched_incr=0
- for i in $COMPT_N; do
- echoinfo "Setting up $i..."
- openstack baremetal node set overcloud-$i --property capabilities=profile:${COMPT_FLAVOR},node:${COMPT_SCHED}-${sched_incr},${COMPT_OTHER_PROP} || { echoerr "Setting Ironic properties on node $i failed !"; return 1; }
- ((sched_incr+=1))
- done
- echoinfo "Tagging Ceph nodes to $CEPH_FLAVOR profile and $CEPH_SCHED scheduler hint..."
- sched_incr=0
- for i in $CEPH_N; do
- echoinfo "Setting up $i..."
- openstack baremetal node set overcloud-$i --property capabilities=profile:${CEPH_FLAVOR},node:${CEPH_SCHED}-${sched_incr},${CEPH_OTHER_PROP} || { echoerr "Setting Ironic properties on node $i failed !"; return 1; }
- ((sched_incr+=1))
- done
- echoinfo "Tagging Custom nodes to $CUST_FLAVOR profile and $CUST_SCHED scheduler hint..."
- sched_incr=0
- for i in $CUST_N; do
- echoinfo "Setting up $i..."
- openstack baremetal node set overcloud-$i --property capabilities=profile:${CUST_FLAVOR},node:${CUST_SCHED}-${sched_incr},${CUST_OTHER_PROP} || { echoerr "Setting Ironic properties on node $i failed !"; return 1; }
- ((sched_incr+=1))
- done
- echoinfo "Creating $CUST_FLAVOR custom flavor..."
- openstack flavor create --id auto --ram 4096 --disk 40 --vcpus 1 $CUST_FLAVOR || { echoerr "Unable to create custom $CUST_FLAVOR flavor !"; return 1; }
- openstack flavor set --property "capabilities:boot_option"="local" --property "capabilities:profile"=$CUST_FLAVOR $CUST_FLAVOR || { echoerr "Unable to configure networker flavor !"; return 1; }
- }
- # Configure IDM for overcloud LDAP authentication (service + tenant user). Non blocking function, script won't fail it something goes wrong.
- function post_idm_config()
- {
- echoinfo "---===== IDM post configuration =====---"
- echoinfo "Authenticating to kerberos server as admin..."
- echo "redhat42" | kinit admin || { echoerr "Unable to login as admin!"; return 1; }
- echoinfo "Adding service user svc-ldap..."
- ipa user-add svc-ldap --first OpenStack --last RH
- echoinfo "Setting svc-ldap user password to \"redhat\""
- echo "redhat" | ipa passwd svc-ldap
- echoinfo "Adding group grp-openstack..."
- ipa group-add --desc="OpenStack Users" grp-openstack
- echoinfo "Adding svc-ldap to grp-openstack group..."
- ipa group-add-member --users=svc-ldap grp-openstack
- echoinfo "Adding OpenStack user test-user"
- ipa user-add test-user --first test --last user
- echoinfo "Setting test-user passwd to \"test\""
- echo "test" | ipa passwd test-user
- echoinfo "Adding test-user to grp-openstack group"
- ipa group-add-member --users=test-user grp-openstack
- }
- function overcloud_reg_post_install_output()
- {
- echoinfo "Sucessfully uploaded overcloud image to glance"
- echoinfo "Sucessfully register overcloud nodes to ironic : $ALL_N"
- echoinfo "source ~/stackrc to start playing !!!"
- echo
- echo "Happy hacking !!! - The field PM Team"
- }
- function overcloud_register()
- {
- echoinfo "Checking UID..."
- if [ $USER != "stack" ]; then
- echoerr "Please run this script as stack user"
- exit_on_err
- fi
- if [ -f ~/stackrc ]; then
- source ~/stackrc
- else
- echoerr "Unable to source ~/stackrc - Have you installed the undercloud ???"
- exit_on_err
- fi
- upload_overcloud_image || exit_on_err
- register_overcloud_nodes || exit_on_err
- tag_overcloud_nodes || exit_on_err
- if [ $DEPLOY_IDM = "yes" ]; then
- post_idm_config
- fi
- echoinfo "All set ! You're good to go !"
- }
- ##########################################################################
- # #
- # Deploy IDM #
- # #
- ##########################################################################
- function wait_for_container()
- {
- local container_name=$1
- local sleep_t=10 # Sleep interval between tries
- local max_tries=120 # Max number of tries
- local nb_tries=0 # Try counter
- local success=0 # Set to 1 connection worked
- echoinfo "Waiting for container to be fully configured (20m timeout)..."
- # 5m on a Dell node - 15m on a Cisco node (yay \o/)
- echoinfo "This process takes approximately 5m on a good standing server."
- until [ $nb_tries -ge $max_tries ]
- do
- if ( docker logs $container_name | tail | grep "FreeIPA server configured" &> /dev/null ); then
- # This means container is configured sucessfully
- echoinfo "--- IDM sucessfully configured! ---"
- success=1
- break
- fi
- if ( docker logs $container_name | tail | grep "FreeIPA server configuration failed" &> /dev/null ); then
- # This means container configuration failed
- echoinfo "IDM configuration failed!"
- break
- fi
- nb_tries=$[$nb_tries+1]
- echo "Try number $nb_tries / $max_tries. Waiting ${sleep_t}s more..."
- sleep $sleep_t
- done
- # Check result
- if [ $success -eq 0 ]; then
- return 1
- else
- return 0
- fi
- }
- function idm_deploy()
- {
- echoinfo "---===== Deploy IDM Container =====---"
- if [ $DEPLOY_IDM != "yes" ]; then
- echoinfo "DEPLOY_IDM is set to $DEPLOY_IDM - Skipping deployment!"
- return 0
- fi
- echoinfo "Installing Docker"
- yum install -y docker || { echoerr "Failed to install Docker!"; return 1; }
- echoinfo "Starting Docker service"
- sudo systemctl enable --now docker.service || { echoerr "Failed to enable/start docker!"; return 1; }
- echoinfo "Pulling IDM image from $IDM_IMAGE"
- docker pull $IDM_IMAGE || { echoerr "Failed to pull IDM image from $IDM_IMAGE!"; return 1; }
- echoinfo "Tagging IDM image"
- docker tag $IDM_IMAGE idm || { echoerr "Failed to tag IDM image $IDM_IMAGE!"; return 1; }
- echoinfo "Verifying $IDM_BIND_IP is reachable..."
- ping -c 3 $IDM_BIND_IP || { echoerr "Failed to ping $IDM_BIND_IP!"; return 1; }
- echoinfo "Configuring firewalld..."
- firewall-cmd --permanent --add-port={80/tcp,443/tcp,389/tcp,636/tcp,88/tcp,88/udp,464/tcp,464/udp,53/tcp,53/udp,123/udp} || { echoerr "Failed to configure firewalld!"; return 1; }
- firewall-cmd --permanent --add-service=freeipa-ldap || { echoerr "Failed to configure firewalld"; return 1; }
- echoinfo "Restarting firewalld..."
- firewall-cmd --reload || { echoerr "Failed to restart firewalld"; return 1; }
- echoinfo "Setting up SELinux..."
- setsebool -P container_manage_cgroup 1
- echoinfo "Starting IDM container..."
- # See https://bugzilla.redhat.com/show_bug.cgi?id=1353831
- docker run -d --restart unless-stopped --net=bridge -v /var/lib/ipa-data:/data/ipa1/ipa-data \
- -v /var/log:/data/ipa1/ipa-logs -v /sys/fs/cgroup:/sys/fs/cgroup:ro \
- -h ipa.redhat.local --tmpfs /run --tmpfs /tmp -e IPA_SERVER_IP=$IDM_BIND_IP \
- -p $IDM_BIND_IP:88:88 -p $IDM_BIND_IP:88:88/udp -p $IDM_BIND_IP:123:123/udp \
- -p $IDM_BIND_IP:389:389 -p $IDM_BIND_IP:443:443 -p $IDM_BIND_IP:464:464 \
- -p $IDM_BIND_IP:464:464/udp -p $IDM_BIND_IP:636:636 -p $IDM_BIND_IP:7389:7389 \
- -p $IDM_BIND_IP:9443:9443 -p $IDM_BIND_IP:9444:9444 -p $IDM_BIND_IP:9445:9445 \
- -p $IDM_BIND_IP:80:80 -p $IDM_BIND_IP:53:53 -p $IDM_BIND_IP:53:53/udp \
- --name idm -it idm --unattended \
- --realm=REDHAT.LOCAL \
- --mkhomedir \
- --ds-password="redhat42" \
- --admin-password="redhat42" \
- --ip-address=$IDM_BIND_IP \
- --setup-dns \
- --auto-forwarders \
- --auto-reverse || { echoerr "Failed to start IDM container!"; return 1; }
- # We need to wait for IDM to be up and running because of DNS (undercloud uses it) and kerberos for novajoin to work properly.
- wait_for_container idm || { echoerr "IDM container configuration failed! For additional info do a \"docker logs idm\""; return 1; }
- # We need to restart docker for obscure reasons, otherwise overcloud nodes cannot reach container.
- echoinfo "Restarting docker service..."
- systemctl restart docker
- echoinfo "Next steps :"
- echo "- ssh root@undercloud"
- echo "- run sh /tmp/osp-lab-deploy.sh undercloud-install as root"
- echo
- echo "Happy hacking !!! - The field PM Team"
- }
- ##########################################################################
- # #
- # Main function #
- # #
- ##########################################################################
- case $1 in
- "libvirt-deploy")
- echoinfo "Starting libvirt deployment..."
- libvirt_deploy
- ;;
- "idm-deploy")
- echoinfo "Starting IDM container deployment..."
- idm_deploy || exit_on_err
- ;;
- "undercloud-install")
- echoinfo "Starting undercloud installation..."
- undercloud_install
- ;;
- "overcloud-register")
- echoinfo "Starting undercloud nodes registration..."
- overcloud_register
- ;;
- "howto")
- howto
- ;;
- *)
- echoerr "Invalid argument"
- help
- ;;
- esac
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement