copper:academy:foreman
The procedure below has been used to create a 3-node OPNFV install using Intel NUC i7 nodes with 16GB RAM, 250MB SSD, and 1 TB HDD. The install uses one NUC for the Jumphost, and one each for the controller (OpenStack + ODL) and the compute nodes.
Jumphost Installation and OPNFV Deployment
- Includes instructions from http://artifacts.opnfv.org/genesis/foreman/docs/installation-instructions.html
- install Centos 7 x86_64 minimal server: CentOS-7-x86_64-Minimal-1503-01.iso
- during install, add user opnfv
- once active, login to opnfv account from console
ip addr
- note IP address of enp0s25 - will set it in ifcfg-enp0s25 per the notes below
- add opnfv account to sudoers after "root ALL=(ALL) ALL"
su visudo opnfv ALL=(ALL) ALL
- update
sudo yum -y update
- reboot and select updated kernel so correct kernel headers can be obtained in virtualbox setup
sudo shutdown -r 0
- Select boot option: CentOS Linux (3.10.0-229.14.1.e17.x86_64) 7 (Core)
- configure hostname
sudo vi /etc/hostname jumphost1.opnfv.org
- Disable NetworkManager
sudo systemctl stop NetworkManager sudo systemctl disable NetworkManager
- configure single NIC as static per IP assigned during install
sudo vi /etc/sysconfig/network-scripts/ifcfg-enp0s25 TYPE="Ethernet" BOOTPROTO="static" IPADDR=192.168.1.201 NETMASK=255.255.255.0 GATEWAY=192.168.1.1 NM_CONTROLLED="no" (rest as-is)
- Restart networking
sudo service network restart sudo setenforce 0
- Edit /etc/resolv.conf and add a nameserver
sudo vi /etc/resolv.conf nameserver 8.8.8.8 nameserver 8.8.4.4
- Disable selinux:
sudo setenforce 0 sudo sed -i 's/SELINUX=.*/SELINUX=permissive/' /etc/selinux/config
- Disable firewalld:
sudo systemctl stop firewalld sudo systemctl disable firewalld
- install and start ntp
sudo yum -y install ntp sudo systemctl start ntpd date
- verify time is correct
- Set NUCs to PXE boot on wake-on-lan
- In BIOS options (F2), Power tab, set "Wake on LAN from S4/S5" to "Power On - PXE Boot" and save (F10)
- Boot NUCs and note MAC addresses, so they can be included in the wakenodes.sh script referenced below
- install ether-wake if needed to test of wakenodes.sh
sudo yum -y install net-tools
- install git
sudo yum -y install git cd ~
- clone genesis
git clone https://blsaws@gerrit.opnfv.org/gerrit/genesis
- (for testing, downloaded trozet's patch fork snapshot from https://gerrit.opnfv.org/gerrit/gitweb?p=genesis.git;a=commit;h=756ee8c81cfac9a69e8f67811429e63da9af6480
curl "https://gerrit.opnfv.org/gerrit/gitweb?p=genesis.git;a=snapshot;h=756ee8c81cfac9a69e8f67811429e63da9af6480;sf=tgz" -o genesis-756ee8c.tar.gz gzip -d genesis-756ee8c.tar.gz tar -xvf genesis-756ee8c.tar
- modify to clone khaleesi from my fork (trozet⇒blsaws) per the patches below
- note: if you want to use the wakenodes.sh script, you will need to fork my repo and mod wakenodes.sh for your MACs
vi ~/genesis-756ee8c/foreman/ci/bootstrap.sh if ! git clone -b opnfv https://github.com/blsaws/khaleesi.git; then
- modify ~/genesis-756ee8c/foreman/ci/opnfv_ksgen_settings_no_HA.yml for my specific config
vi ~/genesis-756ee8c/foreman/ci/opnfv_ksgen_settings_no_HA.yml
# Jumphost1:
# (for compute1:)
name: oscompute1.{{ domain_name }}
hostname: oscompute1.{{ domain_name }}
short_name: oscompute1
mac_address: "<compute1-mac>"
# (for controller1:)
name: oscontroller1.{{ domain_name }}
hostname: oscontroller1.{{ domain_name }}
short_name: oscontroller1
mac_address: "<controller1-mac>"
private_mac: "<controller1-mac>"
# Jumphost2:
# (for compute1:)
name: oscompute1.{{ domain_name }}
hostname: oscompute1.{{ domain_name }}
short_name: oscompute1
mac_address: "<compute1-mac>"
# (for controller1:)
name: oscontroller1.{{ domain_name }}
hostname: oscontroller1.{{ domain_name }}
short_name: oscontroller1
mac_address: "<controller1-mac>"
private_mac: "<controller1-mac>"
- clone my fork of trozet's khaleesi, updated with patches
- it will later be cloned by the foreman vm, so these patches will be available in the foreman vm
cd /opt sudo git clone -b opnfv https://github.com/blsaws/khaleesi.git
- during initial debugging, the patches were manually created as below; later they were pulled from the repo fork after being committed
- patch 1: add wakenodes.sh to root of khaleesi repo
- alternative is to manually power-on the nodes, which will go into PXE-boot mode
sudo vi /opt/khaleesi/wakenodes.sh # !/bin/bash yum -y install net-tools ether-wake <compute1-mac> ether-wake <controller1-mac>
- During initial debugging wakenodes.sh was copied to the shared folder for the foreman vm and later copied to the root of the cloned repo in the foreman vm.
- (in jumphost) sudo cp /opt/khaleesi/wakenodes.sh /var/opt/opnfv/foreman_vm
- (after foreman vm is up)
- su; cd /var/opt/opnfv/foreman_vm; vagrant ssh; cp /vagrant/wakenodes.sh /opt/khaleesi/wakenodes.sh
- patch 2: in main.yml add call to wakenodes.sh script as shown in http://docs.ansible.com/ansible/script_module.html
- In khaleesi/roles/get_nodes/foreman/tasks/main.yml add call to node wakeup script after block "- name: Provision nodes"
sudo vi /opt/khaleesi/roles/get_nodes/foreman/tasks/main.yml - script: /opt/khaleesi/wakenodes.sh
- During initial debugging main.yml was copied to the shared folder for the foreman vm and later copied to the cloned repo in the foreman vm.
- (in jumphost) sudo cp /opt/khaleesi/roles/get_nodes/foreman/tasks/main.yml /var/opt/opnfv/foreman_vm/main.yml
- (after foreman vm is up)
- su; cd /var/opt/opnfv/foreman_vm; vagrant ssh; cp /vagrant/main.yml /opt/khaleesi/roles/get_nodes/foreman/tasks/main.yml
- patch 3: in foreman.py skip IPMI related code in node bringup
- In khaleesi/library/foreman.py exit early to avoid IPMI code
- change "elif ipmi_host is None:" to "if ipmi_host is None:" and add module.exit before i
sudo vi /opt/khaleesi/library/foreman.py # bryan_att modified to skip IPMI stuff module.exit_json(changed=True, msg="Rebuilding Node") # change elif to if so the module.exit is outside the previous if block if ipmi_host is None:
- During initial debugging foreman.py was copied to the shared folder and then to the foreman VM as above.
- (in jumphost) sudo cp /opt/khaleesi/library/foreman.py /var/opt/opnfv/foreman_vm/
- (after foreman vm is up)
- su; cd /var/opt/opnfv/foreman_vm; vagrant ssh; cp /vagrant/foreman.py /opt/khaleesi/library/foreman.py
- kickoff deploy.sh
cd ~/genesis-756ee8c/foreman/ci/ sudo ./deploy.sh -single_baremetal_nic enp0s25 -base_config /home/opnfv/genesis-756ee8c/foreman/ci/opnfv_ksgen_settings_no_HA.yml
- if errors, before retrying wipe using clean.sh or
su cd /var/opt/opnfv/foreman_vm vagrant destroy -f cd - rm -rf /var/opt/opnfv exit rm /home/opnfv/.ssh/known_hosts
- when you see "PASSED", login to controller node and setup bridge to external network for VMs (manual tasks needed for non-HA single NIC installs. for HA single-NIC installs this is handled already).
vi /etc/neutron/plugin.ini # add to end [ovs] bridge_mappings = physnet1:br-ex # comment out "flat_networks =*" and add under it flat_networks = physnet1
- Restart Neutron
openstack-service restart neutron
- Create /etc/sysconfig/network-scripts/ifcfg-br-ex with https://github.com/trozet/puppet-trystack/blob/quickstack/templates/br_ex.erb as template.
- Note: the following assumes that Foreman assigned IP 192.168.1.204 to controller1. If different, use the IP assigned for the system you are installing, here and below.
vi /etc/sysconfig/network-scripts/ifcfg-br-ex DEVICE=br-ex DEVICETYPE=ovs IPADDR=192.168.1.204 NETMASK=255.255.255.0 GATEWAY=192.168.1.1 BOOTPROTO=static ONBOOT=yes TYPE=OVSBridge PROMISC=yes PEERDNS=no
- Verify ovs is setup correctly
[root@oscontroller1 ~]# ovs-vsctl show
22ba4760-889c-4341-b8d6-445c53ac5aaa
Manager "tcp:192.168.1.204:6640"
is_connected: true
Bridge br-ex
Controller "tcp:192.168.1.204:6633"
is_connected: true
Port "enp0s25"
Interface "enp0s25"
Port br-ex
Interface br-ex
type: internal
Bridge br-int
Controller "tcp:192.168.1.204:6633"
is_connected: true
fail_mode: secure
Port br-int
Interface br-int
ovs_version: "2.3.1"
- Modify /etc/sysconfig/network-scripts/ifcfg-enp0s25
vi /etc/sysconfig/network-scripts/ifcfg-enp0s25 NAME="enp0s25" DEVICE="enp0s25" ONBOOT=yes NETBOOT=yes (leave UUID line as is, replace rest with the below) BOOTPROTO=static TYPE=OVSPort OVS_BRIDGE=br-ex PROMISC=yes IPV4_FAILURE_FATAL=no PEERDNS=no PEERROUTES=yes
- Restart networking
systemctl restart network
- On the jumphost, from Horizon / Project / Compute / Access & Security / API Access select "Download OpenStack RC file, transfer to the controller root home directory, then execute it.
vi admin-openrc.sh (paste contents) source admin-openrc.sh
- Create external network and subnet using Neutron CLI
neutron net-create external1 -- --router:external=true --provider:network_type=flat --provider:physical_network=physnet1
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | d7868a94-47ec-4ec7-93cc-645d3bc45898 |
| name | external1 |
| provider:network_type | flat |
| provider:physical_network | physnet1 |
| provider:segmentation_id | |
| router:external | True |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | c3b15e900f0f4c7ab01576bb28d34f10 |
+---------------------------+--------------------------------------+
neutron subnet-create --disable-dhcp external1 192.168.1.0/24
Created a new subnet:
+-------------------+--------------------------------------------------+
| Field | Value |
+-------------------+--------------------------------------------------+
| allocation_pools | {"start": "192.168.1.2", "end": "192.168.1.254"} |
| cidr | 192.168.1.0/24 |
| dns_nameservers | |
| enable_dhcp | False |
| gateway_ip | 192.168.1.1 |
| host_routes | |
| id | 2a6a6be2-2ea2-4a38-84cd-3a2e9e3197e8 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | |
| network_id | d7868a94-47ec-4ec7-93cc-645d3bc45898 |
| tenant_id | c3b15e900f0f4c7ab01576bb28d34f10 |
+-------------------+--------------------------------------------------+
What install success looks like
- when the process has finished, succcess is indicated by this type of information in the jumphost terminal (the details e.g. addresses shown here may vary from that above… sometimes installs resulted in different assigned addresses)
==> default:
==> default: TASK: [get_nodes/foreman | make a list] ***************************************
==> default: [[ previous task time: 0:00:00.015421 = 0.02s / 1597.81s ]]
==> default: ok: [localhost]
==> default:
==> default: TASK: [get_nodes/foreman | debug var=nodes_list] ******************************
==> default: [[ previous task time: 0:00:00.008785 = 0.01s / 1597.81s ]]
==> default: ok: [localhost] => {
==> default: "var": {
==> default: "nodes_list": [
==> default: "oscontroller1.opnfv.com",
==> default: "oscompute1.opnfv.com"
==> default: ]
==> default: }
==> default: }
==> default:
==> default: TASK: [get_nodes/foreman | Wait for puppet to complete] ***********************
==> default: [[ previous task time: 0:00:00.008461 = 0.01s / 1597.82s ]]
==> default: changed: [localhost]
==> default:
==> default: msg:
==> default: Nodes are Active
==> default:
==> default: TASK: [get_nodes/foreman | Print host openstack network type (nova/neutron)]
***
==> default: [[ previous task time: 0:12:01.201807 = 721.20s / 2319.02s ]]
==> default: ok: [localhost] => {
==> default: "var": {
==> default: "provisioner.network.type": "nova"
==> default: }
==> default: }
==> default:
==> default: TASK: [get_nodes/foreman | debug var=nodes_created] ***************************
==> default: [[ previous task time: 0:00:00.010205 = 0.01s / 2319.03s ]]
==> default: skipping: [localhost]
==> default:
==> default: TASK: [get_nodes/foreman | debug var=hostvars] ********************************
==> default: [[ previous task time: 0:00:00.023453 = 0.02s / 2319.06s ]]
==> default: skipping: [localhost]
==> default:
==> default: PLAY RECAP ********************************************************************
==> default: localhost : ok=60 changed=41 unreachable=0 failed=0
==> default: [[ previous task time: 0:00:00.032833 = 0.03s / 2319.09s ]]
==> default: [[ previous play time: 0:26:37.803885 = 1597.80s / 2319.09s ]]
==> default: [[ previous playbook time: 0:38:39.090976 = 2319.09s / 2319.09s ]]
==> default: [[ previous total time: 0:38:39.091181 = 2319.09s / 0.00s ]]
==> default: Exit cleanup ... init.print_result
==> default: running: init.print_result
==> default: ./run.sh: PASSED
==> default: Running provisioner: shell...
default: Running: /tmp/vagrant-shell20150920-11687-22sn6.sh
==> default: Resizing physical volume
==> default: Physical volume "/dev/sda2" changed
==> default: 1 physical volume(s) resized / 0 physical volume(s) not resized
==> default: New physical volume size: 39
==> default: Resizing logical volume
==> default: Extending logical volume root to 38.48 GiB
==> default: Logical volume root successfully resized
==> default: Filesystem resized to: 39G
Foreman VM is up!
[opnfv@jumphost2 ci]$
copper/academy/foreman.txt · Last modified: 2016/02/02 18:39 by Bryan Sullivan
Except where otherwise noted, content on this wiki is licensed under the following license: Creative Commons Attribution 4.0 International License
