diff --git a/inventory b/inventory
new file mode 100644
index 0000000..2267ef3
--- /dev/null
+++ b/inventory
@@ -0,0 +1,15 @@
+root@controller01:~# vi /etc/kolla/multinode
+[control]
+control[01:03] ansible_user=root ansible_password=admin123
+
+[network]
+control[01:03] ansible_user=root ansible_password=admin123
+
+[compute]
+compute[01:02] ansible_user=root ansible_password=admin123
+
+[storage]
+compute02 ansible_user=root ansible_password=admin123
+
+[monitoring]
+control03 ansible_user=root ansible_password=admin123
diff --git a/iso b/iso
new file mode 100644
index 0000000..e773ea0
--- /dev/null
+++ b/iso
@@ -0,0 +1,5 @@
+https://cloud.centos.org/centos/9-stream/x86_64/images/CentOS-Stream-GenericCloud-x86_64-9-latest.x86_64.qcow2
+https://cloud.centos.org/centos/9-stream/x86_64/images/CentOS-Stream-GenericCloud-x86_64-9-latest.x86_64.qcow2
+https://dl.rockylinux.org/pub/rocky/9/images/x86_64/Rocky-9-GenericCloud-Base.latest.x86_64.qcow2
+https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img
+https://cloud.centos.org/centos/10-stream/x86_64/images/CentOS-Stream-GenericCloud-x86_64-10-latest.x86_64.qcow2
diff --git a/kola.yaml b/kola.yaml
index c772c3f..8decd1c 100644
--- a/kola.yaml
+++ b/kola.yaml
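Review bot: In `inventory`, every host line carries the root login in clear text (`ansible_user=root ansible_password=admin123`), so the credential for all controller and compute nodes is now part of the repository history. Drop the inline password and authenticate with SSH keys, or reference a vaulted variable instead, e.g. `ansible_password="{{ vault_ansible_password }}"` with the value kept in an ansible-vault encrypted vars file. The committed password should be treated as exposed and rotated on the hosts. The first added line, `root@controller01:~# vi /etc/kolla/multinode`, is a pasted shell prompt and is not valid inventory syntax.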
@@ -168,23 +168,23 @@ - name: "Generate octavia-certificate" ansible.builtin.shell: kolla-ansible octavia-certificates - # - name: "Apply bootstrap" - # ansible.builtin.shell: kolla-ansible -i multinode bootstrap-servers - # args: - # chdir: "{{ kola_dir }}" - - # - name: "Precheck" - # ansible.builtin.shell: kolla-ansible -i multinode prechecks - # args: - # chdir: "{{ kola_dir }}" - - # - name: "Deploy" - # ansible.builtin.shell: kolla-ansible -i multinode deploy - # args: - # chdir: "{{ kola_dir }}" - - # - name: "Post deploy" - # ansible.builtin.shell: kolla-ansible post-deploy - # args: - # chdir: "{{ kola_dir }}" + - name: "Apply bootstrap" + ansible.builtin.shell: kolla-ansible -i multinode bootstrap-servers + args: + chdir: "{{ kola_dir }}" + + - name: "Precheck" + ansible.builtin.shell: kolla-ansible -i multinode prechecks + args: + chdir: "{{ kola_dir }}" + + - name: "Deploy" + ansible.builtin.shell: kolla-ansible -i multinode deploy + args: + chdir: "{{ kola_dir }}" + + - name: "Post deploy" + ansible.builtin.shell: kolla-ansible post-deploy + args: + chdir: "{{ kola_dir }}"
diff --git a/kolla b/kolla
new file mode 100644
index 0000000..10dfa9a
--- /dev/null
+++ b/kolla
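Review bot: In `kola.yaml`, the re-enabled "Post deploy" task calls `kolla-ansible post-deploy` without `-i multinode`, unlike the bootstrap, prechecks and deploy tasks above it, so it presumably runs against the tool's default inventory rather than the multinode one; if that is not intended, use `kolla-ansible -i multinode post-deploy`. None of the four tasks needs shell features, so `ansible.builtin.command` with an explicit `changed_when` would avoid passing the line through a shell and make reruns report accurately. post-deploy generates the admin openrc credentials file on the deployment host, so the file's ownership and mode are worth checking after this step. The play these tasks belong to starts outside the hunk.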
@@ -0,0 +1,28 @@
+---
+kolla_base_distro: "ubuntu"
+kolla_install_type: "source"
+openstack_release: "2024.1"
+network_interface: "bond0.178"
+neutron_external_interface: "bond0.179,bond0.180"
+neutron_bridge_name: "br-ex,br-octavia"
+neutron_physical_network: "physnet1,physnet2"
+neutron_plugin_agent: "ovn"
+neutron_ovn_distributed_fip: "yes"
+neutron_ovn_dhcp_agent: "yes"
+neutron_enable_ovn_agent: "yes"
+enable_heat: "yes"
+enable_neutron_provider_networks: "yes"
+nova_compute_virt_type: "kvm"
+enable_cinder: "yes"
+enable_cinder_backend_lvm: "yes"
+cinder_volume_group: "cinder-volumes"
+enable_neutron_qos: "no"
+enable_openstack_core: "yes"
+enable_haproxy: "yes"
+enable_keepalived: "yes"
+enable_hacluster: "yes"
+enable_masakari: "yes"
+kolla_internal_vip_address: "10.72.178.105"
+enable_cinder_backup: "no"
+enable_redis: "yes"
+haproxy_host_ipv4_tcp_retries2: 6
diff --git a/octavia b/octavia
new file mode 100644
index 0000000..44f1bff
--- /dev/null
+++ b/octavia
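Review bot: In `kolla`, no TLS option is set, so with `enable_haproxy: "yes"` the API endpoints on `kolla_internal_vip_address` will, as far as the kolla-ansible defaults go, be served over plain HTTP, which exposes Keystone credentials and tokens on the wire. Consider adding `kolla_enable_tls_internal: "yes"` and `kolla_enable_tls_external: "yes"` together with the certificates they require. `kolla_install_type: "source"` looks like a leftover from older releases and is probably ignored with `openstack_release: "2024.1"`; worth confirming and removing.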
@@ -0,0 +1,95 @@
+neutron port-create --name octavia-hm1 --binding:host_id=control1 lb-mgmt-net
+neutron port-create --name octavia-hm2 --binding:host_id=controller02 lb-mgmt-net
+neutron port-create --name octavia-hm3 --binding:host_id=controller03 lb-mgmt-net
+
+ neutron port-show octavia-hm2 | awk '/ mac_address / {print $4}'
+ neutron port-show octavia-hm2 | awk '/ id / {print $4}'
+
+
+ovs-vsctl -- --may-exist add-port br-int octavia-hm2 \
+ -- set Interface octavia-hm2 type=internal \
+ -- set Interface octavia-hm2 external-ids:iface-status=active \
+ -- set Interface octavia-hm2 external-ids:attached-mac=fa:16:3e:54:83:cc \
+ -- set Interface octavia-hm2 external-ids:iface-id=1a6278f2-7182-4053-8b2a-5a9cbacc3604
+
+
+sudo ip link set dev octavia-hm1 address fa:16:3e:af:d5:49
+sudo dhclient octavia-hm1
+
+neutron port-create --name octavia-hm1 --binding:host_id=control1 lb-mgmt-net
+neutron port-create --name octavia-hm2 --binding:host_id=controller02 lb-mgmt-net
+neutron port-create --name octavia-hm3 --binding:host_id=controller03 lb-mgmt-net
+
+ neutron port-show octavia-hm2 | awk '/ mac_address / {print $4}'
+ neutron port-show octavia-hm2 | awk '/ id / {print $4}'
+
+
+ovs-vsctl -- --may-exist add-port br-int octavia-hm2 \
+ -- set Interface octavia-hm2 type=internal \
+ -- set Interface octavia-hm2 external-ids:iface-status=active \
+ -- set Interface octavia-hm2 external-ids:attached-mac=fa:16:3e:54:83:cc \
+ -- set Interface octavia-hm2 external-ids:iface-id=1a6278f2-7182-4053-8b2a-5a9cbacc3604
+
+
+sudo ip link set dev octavia-hm1 address fa:16:3e:af:d5:49
+sudo dhclient octavia-hm1
+
+root@controller01:~# kolla-ansible octavia-certificates
+
+
+
+root@controller01:~# sudo apt -y install debootstrap qemu-utils git kpartx
+root@controller01:~# git clone https://opendev.org/openstack/octavia -b stable/2024.1
+# you should deactivate the virtual kolla environment
+root@controller01:~# python3 -m venv dib-venv
+root@controller01:~# source dib-venv/bin/activate
+root@controller01:~# pip install diskimage-builder
+root@controller01:~# cd octavia/diskimage-create
+root@controller01:~# ./diskimage-create.sh
+root@controller01:~# openstack image create amphora-x64-haproxy.qcow2 --container-format bare --disk-format qcow2 --private --tag amphora --file amphora-x64-haproxy.qcow2 --property hw_architecture='x86_64' --property hw_rng_model=virtio
+
+
+root@controller01:~# source /etc/kolla/octavia-openrc.sh
+root@controller01:~# openstack flavor create --vcpus 4 --ram 4096 --disk 10 "amphora" --private
+root@controller01:~# openstack flavor show amphora -f value -c id
+67f9d593-f9f7-4852-ae61-0927d921a200
+
+
+
+
+root@controller01:~# ssh-keygen
+root@controller01:~# openstack keypair create --public-key /root/.ssh/id_rsa.pub octavia_ssh_key
+
+
+
+
+root@controller01:~# OCTAVIA_MGMT_SUBNET=192.168.33.0/24
+OCTAVIA_MGMT_SUBNET_START=192.168.33.140
+OCTAVIA_MGMT_SUBNET_END=192.168.33.160
+
+
+openstack network create lb-mgmt-net --provider-network-type vlan --provider-segment 558 --provider-physical-network physnet2
+openstack subnet create --subnet-range $OCTAVIA_MGMT_SUBNET --allocation-pool \
+ start=$OCTAVIA_MGMT_SUBNET_START,end=$OCTAVIA_MGMT_SUBNET_END \
+ --network lb-mgmt-net lb-mgmt-subnet
+
+
+root@controller01:~# openstack network show lb-mgmt-net -f value -c id
+9acbb774-cbae-4b56-b951-c3b8a2df037b
+
+root@controller01:~# openstack security group create lb-mgmt-sec-grp
+root@controller01:~# openstack security group rule create --protocol icmp lb-mgmt-sec-grp
+root@controller01:~# openstack security group rule create --protocol tcp --dst-port 22 lb-mgmt-sec-grp
+root@controller01:~# openstack security group rule create --protocol tcp --dst-port 9443 lb-mgmt-sec-grp
+root@controller01:~# openstack security group show lb-mgmt-sec-grp -f value -c id
+root@controller01:~# openstack security group create lb-health-mgr-sec-grp
+root@controller01:~# openstack security group rule create --protocol udp --dst-port 5555 lb-health-mgr-sec-grp
+
+
+octavia_amp_boot_network_list: 9acbb774-cbae-4b56-b951-c3b8a2df037b
+octavia_amp_secgroup_list: ff017783-e114-4325-a459-138520777a18
+octavia_amp_flavor_id: 67f9d593-f9f7-4852-ae61-0927d921a200
+root@controller01:~# kolla-ansible -i deploy --tags common,horizon,octavia
+
+
+
diff --git a/octavia-test b/octavia-test
new file mode 100644
index 0000000..ef5d6b9
--- /dev/null
+++ b/octavia-test
@@ -0,0 +1,23 @@
+oot@controller01:~# openstack loadbalancer create --name lb1 --vip-subnet-id 192.168.30.0/24
+
+
+root@controller01:~# openstack loadbalancer create --name lb1 --vip-subnet-id 192.168.30.0/24
+# Create TCP Listener
+root@controller01:~# openstack loadbalancer listener create --name listener1 --protocol TCP --protocol-port 22 lb1
+
+
+# Create Pool
+root@controller01:~# openstack loadbalancer pool create --name pool1 --lb-algorithm ROUND_ROBIN --listener listener1 --protocol TCP
+
+
+# create health monitor on the pool that connect backend and probes TCP/22 port
+root@controller01:~# openstack loadbalancer healthmonitor create --delay 15 --max-retries 4 --timeout 10 --type TCP pool1
+
+
+# add member
+openstack loadbalancer member create --subnet-id 192.168.30.0/24 --address 192.168.30.153 --protocol-port 22 pool1
+openstack loadbalancer member create --subnet-id 192.168.30.0/24 --address 192.168.30.158 --protocol-port 22 pool1
+openstack loadbalancer show lb1 | grep vip_port_id
+openstack loadbalancer stats show lb1
+
+
diff --git a/script.sh b/script.sh
new file mode 100644
index 0000000..5ea7bce
--- /dev/null
+++ b/script.sh
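Review bot: In `octavia`, the `lb-mgmt-sec-grp` rules for TCP 22 and 9443 and the `lb-health-mgr-sec-grp` rule for UDP 5555 are created without a source restriction, so they accept traffic from any address that can reach the management network. Limit them to the management subnet defined a few lines earlier, e.g. `openstack security group rule create --protocol tcp --dst-port 9443 --remote-ip $OCTAVIA_MGMT_SUBNET lb-mgmt-sec-grp`, and consider whether SSH to the amphorae is needed at all. The keypair is built from root's own `/root/.ssh/id_rsa.pub`; a dedicated key for `octavia_ssh_key` would avoid tying amphora access to the controller's root key. The final `kolla-ansible -i deploy --tags common,horizon,octavia` appears to be missing the inventory name after `-i`.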
@@ -0,0 +1,45 @@
+#!/bin/bash
+
+# Exit immediately if a command exits with a non-zero status
+set -e
+
+# Install necessary system packages
+sudo apt update
+sudo apt install -y python3-venv git python3-dev libffi-dev gcc libssl-dev sshpass
+
+# Set up a Python virtual environment
+python3 -m venv /root/venv
+source /root/venv/bin/activate
+
+# Upgrade pip
+pip install -U pip
+
+# Install ansible-core
+pip install 'ansible-core>=2.16,<2.17.99'
+
+# Install kolla-ansible
+pip install git+https://opendev.org/openstack/kolla-ansible@stable/2024.1
+
+# Install OpenStack client libraries
+pip install python-octaviaclient
+pip install python-swiftclient
+
+# Prepare Kolla configuration directory
+sudo mkdir -p /etc/kolla
+sudo chown $USER:$USER /etc/kolla
+
+# Copy configuration files
+cp -r /root/venv/share/kolla-ansible/etc_examples/kolla/* /etc/kolla
+cp /root/venv/share/kolla-ansible/ansible/inventory/multinode /etc/kolla/
+
+# Verify copied files
+ls /etc/kolla/
+
+# Install kolla dependencies
+kolla-ansible install-deps
+
+# Generate Kolla passwords
+kolla-genpwd
+
+# Install the OpenStack client
+pip install python-openstackclient -c https://releases.openstack.org/constraints/upper/2024.1
diff --git a/swift_device.sh b/swift_device.sh
new file mode 100644
index 0000000..b741e04
--- /dev/null
+++ b/swift_device.sh
@@ -0,0 +1,6 @@
+index=0
+for d in mpathd mpathe mpathc; do
+ parted /dev/mapper/${d} -s -- mklabel gpt mkpart KOLLA_SWIFT_DATA 1 -1
+ sudo mkfs.xfs -f -L d${index} /dev/${d}1
+ (( index++ ))
+done
diff --git a/swift_ring b/swift_ring
new file mode 100644
index 0000000..ddeda5b
--- /dev/null
+++ b/swift_ring
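Review bot: In `script.sh`, only the last `pip install` is held to the 2024.1 upper-constraints file; ansible-core, kolla-ansible from the moving `stable/2024.1` branch and the Octavia and Swift clients are resolved unconstrained, so two runs of this script can install different code on the deployment host. Apply the same constraints to the client installs, e.g. `pip install python-octaviaclient python-swiftclient -c https://releases.openstack.org/constraints/upper/2024.1`, and consider pinning kolla-ansible to a tag or commit. `sudo chown $USER:$USER /etc/kolla` should quote its argument as `"$USER:$USER"`, and since the venv lives in `/root/venv` the script only works as root, which makes the `sudo` calls redundant. `kolla-genpwd` fills in the service passwords file under `/etc/kolla`, so restricting that file to mode 0600 right after the call is a cheap safeguard.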
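Review bot: In `swift_device.sh`, the partition is created on `/dev/mapper/${d}` but the filesystem is made on `/dev/${d}1`, a path that normally does not exist for multipath devices, so `mkfs.xfs -f` will fail or act on whatever node happens to carry that name. Point it at the mapper partition instead, e.g. `sudo mkfs.xfs -f -L "d${index}" "/dev/mapper/${d}1"`; the partition suffix depends on the multipath naming in use, so confirm it on the host first. Because the loop relabels three hard-coded devices non-interactively, check that each one is a block device and not mounted before calling `parted`, and run `parted` with the same privileges as `mkfs.xfs`.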
@@ -0,0 +1,71 @@
+STORAGE_NODES=(10.72.181.103)
+KOLLA_SWIFT_BASE_IMAGE="kolla/centos-source-swift-base:4.0.0"
+mkdir -p /etc/kolla/config/swift
+
+
+# generate object ring
+docker run \
+ --rm \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+$KOLLA_SWIFT_BASE_IMAGE \
+ swift-ring-builder \
+ /etc/kolla/config/swift/object.builder create 10 3 1
+
+
+for node in ${STORAGE_NODES[@]}; do
+ for i in {0..2}; do
+ docker run \
+ --rm \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+$KOLLA_SWIFT_BASE_IMAGE \
+ swift-ring-builder \
+ /etc/kolla/config/swift/object.builder add r1z1-${node}:6000/d${i} 1;
+ done
+done
+# generate account ring
+docker run \
+ --rm \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+$KOLLA_SWIFT_BASE_IMAGE \
+ swift-ring-builder \
+ /etc/kolla/config/swift/account.builder create 10 3 1
+
+
+for node in ${STORAGE_NODES[@]}; do
+ for i in {0..2}; do
+ docker run \
+ --rm \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+$KOLLA_SWIFT_BASE_IMAGE \
+ swift-ring-builder \
+ /etc/kolla/config/swift/account.builder add r1z1-${node}:6001/d${i} 1;
+ done
+done
+# generate container ring
+docker run \
+ --rm \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+$KOLLA_SWIFT_BASE_IMAGE \
+ swift-ring-builder \
+ /etc/kolla/config/swift/container.builder create 10 3 1
+
+
+for node in ${STORAGE_NODES[@]}; do
+ for i in {0..2}; do
+ docker run \
+ --rm \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+$KOLLA_SWIFT_BASE_IMAGE \
+ swift-ring-builder \
+ /etc/kolla/config/swift/container.builder add r1z1-${node}:6002/d${i} 1;
+ done
+done
+# rebalance ring
+for ring in object account container; do
+ docker run \
+ --rm \
+ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
+$KOLLA_SWIFT_BASE_IMAGE \
+ swift-ring-builder \
+ /etc/kolla/config/swift/${ring}.builder rebalance;
+done
diff --git a/test b/test
new file mode 100644
index 0000000..c2d0b98
--- /dev/null
+++ b/test
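Review bot: In `swift_ring`, `KOLLA_SWIFT_BASE_IMAGE="kolla/centos-source-swift-base:4.0.0"` pulls a CentOS image by a mutable tag from a public registry, and it does not appear to match the `kolla_base_distro: "ubuntu"` and `openstack_release: "2024.1"` set elsewhere in this commit; use the image that belongs to the deployed release and pin it by digest. The script has no `set -e`, so a failed `create` is still followed by the `add` and `rebalance` calls, and `${STORAGE_NODES[@]}` and `$KOLLA_SWIFT_BASE_IMAGE` are unquoted throughout. The three near-identical create/add sections can be one loop over ring name and port, which also leaves a single place to fix the image and the bind mount.

```shell
# … unchanged: STORAGE_NODES, KOLLA_SWIFT_BASE_IMAGE, mkdir -p …
set -euo pipefail

ring_builder() {
  docker run --rm \
    -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
    "$KOLLA_SWIFT_BASE_IMAGE" \
    swift-ring-builder "$@"
}

for spec in object:6000 account:6001 container:6002; do
  ring=${spec%%:*}
  port=${spec##*:}
  ring_builder "/etc/kolla/config/swift/${ring}.builder" create 10 3 1
  for node in "${STORAGE_NODES[@]}"; do
    for i in {0..2}; do
      ring_builder "/etc/kolla/config/swift/${ring}.builder" \
        add "r1z1-${node}:${port}/d${i}" 1
    done
  done
done
# … unchanged: rebalance loop …
```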
@@ -0,0 +1,49 @@
+https://access.cdn.redhat.com/content/origin/files/sha256/82/820853871801754056642ead33834fbe5640421b57e07f2c084684f4d1a7d2fe/rhel-8.10-x86_64-kvm.qcow2?user=954242a2278c98a60016d0d5bb3fb71d&_auth_=1735025932_5d1d993a985bfacf36cd9f74a0c0f1df
+
+root@controller01:~# sudo apt install python3-venv
+root@controller01:~# python3 -m venv /root/venv
+root@controller01:~# source /root/venv/bin/activate
+(venv) root@controller01:~# sudo apt install git python3-dev libffi-dev gcc libssl-dev sshpass
+(venv) root@controller01:~# pip install -U pip
+(venv) root@controller01:~# pip install 'ansible-core>=2.16,<2.17.99'
+(venv) root@controller01:~# pip install git+https://opendev.org/openstack/kolla-ansible@stable/2024.1
+(venv) root@controller01:~# pip3 install python-octaviaclient
+(venv) root@controller01:~# pip3 install python-swiftclient
+(venv) root@controller01:~# sudo mkdir -p /etc/kolla
+(venv) root@controller01:~# sudo chown $USER:$USER /etc/kolla
+(venv) root@controller01:~# cp -r /root/venv/share/kolla-ansible/etc_examples/kolla/* /etc/kolla
+(venv) root@controller01:~# cp /root/venv/share/kolla-ansible/ansible/inventory/multinode /etc/kolla/
+(venv) root@controller01:~# ls /etc/kolla/
+(venv) root@controller01:~# kolla-ansible install-deps
+(venv) root@controller01:~# kolla-genpwd
+(venv) root@controller01:~# pip install python-openstackclient -c https://releases.openstack.org/constraints/upper/2024.1
+
+
+---
+kolla_base_distro: "ubuntu"
+kolla_install_type: "source"
+openstack_release: "2024.1"
+network_interface: "bond0.178"
+neutron_external_interface: "bond0.179,bond0.180"
+neutron_bridge_name: "br-ex,br-octavia"
+neutron_physical_network: "physnet1,physnet2"
+neutron_plugin_agent: "ovn"
+neutron_ovn_distributed_fip: "yes"
+neutron_ovn_dhcp_agent: "yes"
+neutron_enable_ovn_agent: "yes"
+enable_heat: "yes"
+enable_neutron_provider_networks: "yes"
+nova_compute_virt_type: "kvm"
+enable_cinder: "yes"
+enable_cinder_backend_lvm: "yes"
+cinder_volume_group: "cinder-volumes"
+enable_neutron_qos: "no"
+enable_openstack_core: "yes"
+enable_haproxy: "yes"
+enable_keepalived: "yes"
+enable_hacluster: "yes"
+enable_masakari: "yes"
+kolla_internal_vip_address: "10.72.178.105"
+enable_cinder_backup: "no"
+enable_redis: "yes"
+haproxy_host_ipv4_tcp_retries2: 6
diff --git a/verify b/verify
new file mode 100644
index 0000000..48aa884
--- /dev/null
+++ b/verify
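Review bot: In `test`, the first added line is a vendor CDN download link that still carries its `user=` and `_auth_=` query parameters, which looks like an account-bound signed URL committed to the repository. Even if the signature has since expired, the link identifies the account that generated it; keep only the image file name and its SHA-256 in the notes and request a fresh link when the image is needed. The rest of the file repeats the commands in `script.sh` and the settings in `kolla` from this same commit, so the copies can drift apart.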
@@ -0,0 +1,29 @@
+wget http://download.cirros-cloud.net/0.6.2/cirros-0.6.2-x86_64-disk.img
+openstack image create cirros --file ./cirros-0.6.2-x86_64-disk.img --disk-format qcow2 --container-format bare --public
+openstack flavor create --id 1 --ram 1024 --disk 1 --vcpu 1 tiny
+openstack security group create allow-all --description "Allow all traffic"
+openstack security group rule create --ingress --protocol any --ethertype IPv4 allow-all
+openstack security group rule create --ingress --protocol any --ethertype IPv6 allow-all
+openstack security group rule create --egress --protocol any --ethertype IPv4 allow-all
+openstack security group rule create --egress --protocol any --ethertype IPv6 allow-all
+
+
+openstack network create --share --external --provider-physical-network physnet1 --provider-network-type flat external
+openstack subnet create --subnet-range 10.72.179.0/24 \
+ --gateway 10.72.179.250 \
+ --network external \
+ --allocation-pool start=10.72.179.10,end=10.72.179.200 \
+ external-subnet
+
+openstack network create --share --provider-physical-network physnet2 --provider-network-type flat lb-mgmt-net
+openstack subnet create --subnet-range 10.72.180.0/24 \
+ --no-gateway \
+ --network lb-mgmt-net \
+ --allocation-pool start=10.72.180.10,end=10.72.180.200 \
+ lb-mgmt-net-subnet
+
+
+#net-id-pro-vlan111='openstack network list | grep pro-vlan111 | cut -f2 -d"|"'
+#openstack server create --flavor 1 --image cirros --nic net-id=96448280-519e-4173-a198-ee0b18d66f02 inst1
+#openstack server create --flavor 1 --image cirros --nic net-id=$net-id-pro-vlan111 inst1
+
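Review bot: In `verify`, the `allow-all` security group opens ingress for every protocol on IPv4 and IPv6 with no `--remote-ip`, so any instance given this group on the shared `external` network is reachable on all ports from wherever that network is routed. For a smoke test, ICMP plus SSH from a known range is enough, e.g. `openstack security group rule create --ingress --protocol tcp --dst-port 22 --remote-ip ADMIN_CIDR allow-all`, where ADMIN_CIDR is a placeholder for the operator range. The CirrOS image is fetched over plain `http://` and uploaded as `--public` without any integrity check; download it over HTTPS if the mirror offers it and compare it with the published checksum before `openstack image create`.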