Openstack Installation TTNN » Historique » Version 55
Mehdi Abaakouk, 08/08/2014 08:53
| 1 | 43 | Laurent GUERBY | {{>toc}} |
|---|---|---|---|
| 2 | 43 | Laurent GUERBY | |
| 3 | 1 | Mehdi Abaakouk | h1. Openstack Installation TTNN |
| 4 | 1 | Mehdi Abaakouk | |
| 5 | 44 | Laurent GUERBY | h2. Liens |
| 6 | 44 | Laurent GUERBY | |
| 7 | 44 | Laurent GUERBY | * http://ceph.com/docs/master/rados/operations/cache-tiering/ |
| 8 | 44 | Laurent GUERBY | * http://ceph.com/docs/master/rados/operations/crush-map/ |
| 9 | 44 | Laurent GUERBY | |
| 10 | 3 | Mehdi Abaakouk | h2. Pending upstream fixes: |
| 11 | 3 | Mehdi Abaakouk | |
| 12 | 1 | Mehdi Abaakouk | * build-debian-openstack-images, changes should be in next package version: |
| 13 | 1 | Mehdi Abaakouk | ** Fix extlinux installation on jessie: http://anonscm.debian.org/cgit/openstack/openstack-debian-images.git/commit/?id=1a4ddceb99fb66f42f79e87a183d8e96952e5ac3 |
| 14 | 1 | Mehdi Abaakouk | ** Fix cloud-init setup with configdrive: http://anonscm.debian.org/cgit/openstack/openstack-debian-images.git/commit/?id=15cce87e2fa15b8952d69fb58711bfa88b21ef87 |
| 15 | 15 | Mehdi Abaakouk | ** Use Configdrive first for cloud-init: http://anonscm.debian.org/cgit/openstack/openstack-debian-images.git/commit/?id=1b1e1093d5ee525426382ad29b8219ab58f6656d |
| 16 | 1 | Mehdi Abaakouk | |
| 17 | 1 | Mehdi Abaakouk | * nova: |
| 18 | 15 | Mehdi Abaakouk | ** Fix live-migration avec ceph and configdrive:: https://review.openstack.org/#/c/112014/, si la solution est mergé upstream, j'appliquerai le patch au package debian |
| 19 | 1 | Mehdi Abaakouk | |
| 20 | 4 | Mehdi Abaakouk | h2. Installation |
| 21 | 4 | Mehdi Abaakouk | |
| 22 | 4 | Mehdi Abaakouk | Le setup installé est composé de : |
| 23 | 4 | Mehdi Abaakouk | |
| 24 | 4 | Mehdi Abaakouk | * 3 hyperviseurs (compute node) qui contiendront 1 ceph-mon, N ceph-osd, nova-compute (qui lance les VM), neutron-openvswitch-agent (qui configure le réseau des vms) |
| 25 | 4 | Mehdi Abaakouk | * 1 VM (controler node), qui contient tous les services de management d'openstack (nova, cinder, glance, neutron) |
| 26 | 4 | Mehdi Abaakouk | |
| 27 | 4 | Mehdi Abaakouk | Les étapes d'installation sont les suivantes: |
| 28 | 4 | Mehdi Abaakouk | * Préparation manuelle de la VM de management sur un des hyperviseurs |
| 29 | 4 | Mehdi Abaakouk | * Installation de ceph et openstack sur toutes les machines avec puppet |
| 30 | 4 | Mehdi Abaakouk | * Déplacement de la VM de management d'openstack dans openstack. |
| 31 | 4 | Mehdi Abaakouk | |
| 32 | 33 | Mehdi Abaakouk | h3. Information sur le puppet master: |
| 33 | 33 | Mehdi Abaakouk | |
| 34 | 33 | Mehdi Abaakouk | La conf et modules puppet utilisé par tetaneutral.net ce trouve la: |
| 35 | 33 | Mehdi Abaakouk | |
| 36 | 33 | Mehdi Abaakouk | > http://chiliproject.tetaneutral.net/projects/git-tetaneutral-net/repository/puppetmaster |
| 37 | 33 | Mehdi Abaakouk | > http://chiliproject.tetaneutral.net/projects/git-tetaneutral-net/repository/puppetmaster/revisions/master/entry/manifests/nodes/openstack.pp |
| 38 | 33 | Mehdi Abaakouk | |
| 39 | 33 | Mehdi Abaakouk | Seulement c'est 3 classes sont spécifique à tetaneutral, le reste est réutilisable: |
| 40 | 33 | Mehdi Abaakouk | |
| 41 | 36 | Mehdi Abaakouk | > class { 'ttnn::server': } |
| 42 | 36 | Mehdi Abaakouk | > class { 'backup::client': } |
| 43 | 36 | Mehdi Abaakouk | > class { 'sexymotd': } |
| 44 | 33 | Mehdi Abaakouk | |
| 45 | 33 | Mehdi Abaakouk | Les modules qui sont nécessaire pour openstack pour le reste du fichier sont: |
| 46 | 33 | Mehdi Abaakouk | |
| 47 | 33 | Mehdi Abaakouk | > https://github.com/puppetlabs/puppetlabs-apache.git |
| 48 | 33 | Mehdi Abaakouk | > https://github.com/puppetlabs/puppetlabs-apt |
| 49 | 33 | Mehdi Abaakouk | > https://github.com/stackforge/puppet-ceph.git |
| 50 | 33 | Mehdi Abaakouk | > https://github.com/stackforge/puppet-cinder.git |
| 51 | 33 | Mehdi Abaakouk | > https://github.com/puppetlabs/puppetlabs-concat.git |
| 52 | 33 | Mehdi Abaakouk | > https://github.com/stackforge/puppet-glance.git |
| 53 | 33 | Mehdi Abaakouk | > https://github.com/stackforge/puppet-horizon.git |
| 54 | 33 | Mehdi Abaakouk | > https://github.com/puppetlabs/puppetlabs-inifile.git |
| 55 | 33 | Mehdi Abaakouk | > https://github.com/stackforge/puppet-keystone.git |
| 56 | 33 | Mehdi Abaakouk | > https://github.com/camptocamp/puppet-kmod.git |
| 57 | 33 | Mehdi Abaakouk | > https://github.com/saz/puppet-memcached.git |
| 58 | 33 | Mehdi Abaakouk | > https://github.com/puppetlabs/puppetlabs-mysql.git |
| 59 | 33 | Mehdi Abaakouk | > https://github.com/stackforge/puppet-neutron.git |
| 60 | 33 | Mehdi Abaakouk | > https://github.com/stackforge/puppet-nova.git |
| 61 | 33 | Mehdi Abaakouk | > https://github.com/puppetlabs/puppetlabs-rabbitmq.git |
| 62 | 33 | Mehdi Abaakouk | > https://github.com/nanliu/puppet-staging.git |
| 63 | 33 | Mehdi Abaakouk | > https://github.com/puppetlabs/puppetlabs-stdlib.git |
| 64 | 33 | Mehdi Abaakouk | > https://github.com/duritong/puppet-sysctl.git |
| 65 | 33 | Mehdi Abaakouk | > https://github.com/puppetlabs/puppetlabs-vcsrepo.git |
| 66 | 33 | Mehdi Abaakouk | > https://github.com/stackforge/puppet-vswitch.git |
| 67 | 36 | Mehdi Abaakouk | > https://github.com/puppetlabs/puppetlabs-xinetd.git |
| 68 | 33 | Mehdi Abaakouk | |
| 69 | 33 | Mehdi Abaakouk | h3. Préparation réseaux des hosts: |
| 70 | 29 | Mehdi Abaakouk | |
| 71 | 31 | Mehdi Abaakouk | Voici le fichier rc.local d'un hyperviseur (g1) |
| 72 | 29 | Mehdi Abaakouk | |
| 73 | 29 | Mehdi Abaakouk | <pre> |
| 74 | 29 | Mehdi Abaakouk | for i in /proc/sys/net/ipv6/conf/*; do for j in autoconf accept_ra; do echo 0 > $i/$j; done;done |
| 75 | 29 | Mehdi Abaakouk | # https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt |
| 76 | 31 | Mehdi Abaakouk | for i in /proc/sys/net/ipv4/conf/*/arp_announce; do echo 2 > $i;done # NOTE(sileht) Est ce que c'est vraiment utilise quand on aura le switch 10G entre les machines ? |
| 77 | 29 | Mehdi Abaakouk | |
| 78 | 29 | Mehdi Abaakouk | echo 1 > /proc/sys/net/ipv4/ip_forward |
| 79 | 29 | Mehdi Abaakouk | echo 1 > /proc/sys/net/ipv6/conf/all/forwarding |
| 80 | 29 | Mehdi Abaakouk | |
| 81 | 29 | Mehdi Abaakouk | ip link set eth0 up |
| 82 | 29 | Mehdi Abaakouk | ip link add link eth0 name eth0.3131 type vlan id 3131 |
| 83 | 29 | Mehdi Abaakouk | ip link set eth0.3131 up |
| 84 | 29 | Mehdi Abaakouk | ip addr add 89.234.156.251/32 dev eth0.3131 |
| 85 | 29 | Mehdi Abaakouk | ip route add 91.224.149.0/24 dev eth0.3131 |
| 86 | 29 | Mehdi Abaakouk | ip route add default via 91.224.149.254 |
| 87 | 29 | Mehdi Abaakouk | |
| 88 | 29 | Mehdi Abaakouk | ip addr add 2a01:6600:8083:fb00::1/56 dev eth0.3131 |
| 89 | 29 | Mehdi Abaakouk | ip route add default via fe80::31 dev eth0.3131 |
| 90 | 29 | Mehdi Abaakouk | |
| 91 | 29 | Mehdi Abaakouk | ip link add link eth0 name eth0.3175 type vlan id 3175 |
| 92 | 29 | Mehdi Abaakouk | ip link set eth0.3175 up |
| 93 | 29 | Mehdi Abaakouk | |
| 94 | 29 | Mehdi Abaakouk | ip link add link eth0 name eth0.3195 type vlan id 3195 |
| 95 | 29 | Mehdi Abaakouk | ip link set eth0.3195 up |
| 96 | 45 | Mehdi Abaakouk | ip addr add 192.168.3.101/24 dev br-admin |
| 97 | 29 | Mehdi Abaakouk | |
| 98 | 29 | Mehdi Abaakouk | ip addr add 91.224.148.0/32 dev lo |
| 99 | 39 | Mehdi Abaakouk | ip addr add fe80::31/64 dev br-net |
| 100 | 29 | Mehdi Abaakouk | ip route add 89.234.156.250/32 dev eth0.3131 |
| 101 | 29 | Mehdi Abaakouk | ip route add 89.234.156.252/32 dev eth0.3131 |
| 102 | 29 | Mehdi Abaakouk | ip route add 89.234.156.253/32 dev eth0.3131 |
| 103 | 29 | Mehdi Abaakouk | |
| 104 | 29 | Mehdi Abaakouk | |
| 105 | 29 | Mehdi Abaakouk | exit 0 |
| 106 | 29 | Mehdi Abaakouk | </pre> |
| 107 | 29 | Mehdi Abaakouk | |
| 108 | 55 | Mehdi Abaakouk | _note: Les bridges openvswitch sont mémorisés et recréés automatiquement par le service openvswitch-switch_ |
| 109 | 54 | Mehdi Abaakouk | |
| 110 | 30 | Mehdi Abaakouk | Sur h7.tetaneutral.net le routage est le suivant |
| 111 | 30 | Mehdi Abaakouk | |
| 112 | 30 | Mehdi Abaakouk | <pre> |
| 113 | 30 | Mehdi Abaakouk | ip route add 89.234.156.251/32 dev eth0.3131 |
| 114 | 30 | Mehdi Abaakouk | ip route add 89.234.156.252/32 dev eth0.3131 |
| 115 | 30 | Mehdi Abaakouk | ip route add 89.234.156.253/32 dev eth0.3131 |
| 116 | 30 | Mehdi Abaakouk | ip route add 2a01:6600:8083:fb00::/56 dev eth0.3131 |
| 117 | 30 | Mehdi Abaakouk | ip route add 2a01:6600:8083:fc00::/56 dev eth0.3131 |
| 118 | 30 | Mehdi Abaakouk | ip route add 2a01:6600:8083:fd00::/56 dev eth0.3131 |
| 119 | 30 | Mehdi Abaakouk | </pre> |
| 120 | 30 | Mehdi Abaakouk | |
| 121 | 30 | Mehdi Abaakouk | Ainsi que ceci le temps de l'installation |
| 122 | 30 | Mehdi Abaakouk | |
| 123 | 30 | Mehdi Abaakouk | <pre> |
| 124 | 30 | Mehdi Abaakouk | ip route add 89.234.156.249/32 via 89.234.156.251 # NOTE(sileht): temporairement pour le setup openstack |
| 125 | 42 | Laurent GUERBY | ip route add 2a01:6600:8083:f900::/56 via 2a01:6600:8083:fb00::1 dev eth0.3131 # NOTE(sileht): temporairement pour le setup openstack |
| 126 | 30 | Mehdi Abaakouk | </pre> |
| 127 | 30 | Mehdi Abaakouk | |
| 128 | 4 | Mehdi Abaakouk | h3. Preparation de la VM de management, le controlleur |
| 129 | 4 | Mehdi Abaakouk | |
| 130 | 6 | Mehdi Abaakouk | h4. Installation des prérequis |
| 131 | 4 | Mehdi Abaakouk | |
| 132 | 4 | Mehdi Abaakouk | <pre> |
| 133 | 4 | Mehdi Abaakouk | $ apt-get install libvirt-bin openstack-debian-images openvswitch-switch openvswitch-datapath-dkms virtinst |
| 134 | 4 | Mehdi Abaakouk | #NOTE(sileht): temporairement appliquer les patches de au-dessus à openstack-debian-images |
| 135 | 4 | Mehdi Abaakouk | </pre> |
| 136 | 4 | Mehdi Abaakouk | |
| 137 | 6 | Mehdi Abaakouk | h4. Preparation de l'image de la VM |
| 138 | 1 | Mehdi Abaakouk | |
| 139 | 1 | Mehdi Abaakouk | <pre> |
| 140 | 6 | Mehdi Abaakouk | $ vim hook.sh |
| 141 | 17 | Mehdi Abaakouk | set -xv |
| 142 | 16 | Mehdi Abaakouk | |
| 143 | 1 | Mehdi Abaakouk | echo "openstack" > $BODI_CHROOT_PATH/etc/hostname |
| 144 | 20 | Mehdi Abaakouk | |
| 145 | 16 | Mehdi Abaakouk | cat > $BODI_CHROOT_PATH/etc/resolv.conf <<EOF |
| 146 | 16 | Mehdi Abaakouk | domain tetaneutral.net |
| 147 | 16 | Mehdi Abaakouk | search tetaneutral.net |
| 148 | 16 | Mehdi Abaakouk | nameserver 8.8.8.8 |
| 149 | 1 | Mehdi Abaakouk | EOF |
| 150 | 20 | Mehdi Abaakouk | |
| 151 | 6 | Mehdi Abaakouk | cat > $BODI_CHROOT_PATH/etc/network/interfaces <<EOF |
| 152 | 6 | Mehdi Abaakouk | auto lo |
| 153 | 6 | Mehdi Abaakouk | iface lo inet loopback |
| 154 | 1 | Mehdi Abaakouk | auto eth0 |
| 155 | 6 | Mehdi Abaakouk | iface eth0 inet manual |
| 156 | 20 | Mehdi Abaakouk | pre-up /sbin/sysctl -w net.ipv6.conf.eth0.accept_ra=0 |
| 157 | 20 | Mehdi Abaakouk | pre-up /sbin/sysctl -w net.ipv6.conf.eth0.autoconf=0 |
| 158 | 1 | Mehdi Abaakouk | up ip link set eth0 up |
| 159 | 1 | Mehdi Abaakouk | up ip addr add 89.234.156.249/32 dev eth0 |
| 160 | 20 | Mehdi Abaakouk | up ip route add 91.224.148.0/32 dev eth0 |
| 161 | 20 | Mehdi Abaakouk | up ip route add default via 91.224.148.0 |
| 162 | 20 | Mehdi Abaakouk | |
| 163 | 20 | Mehdi Abaakouk | iface eth0 inet6 static |
| 164 | 20 | Mehdi Abaakouk | pre-up /sbin/sysctl -w net.ipv6.conf.eth0.accept_ra=0 |
| 165 | 20 | Mehdi Abaakouk | pre-up /sbin/sysctl -w net.ipv6.conf.eth0.autoconf=0 |
| 166 | 20 | Mehdi Abaakouk | address 2a01:6600:8083:f900::1 |
| 167 | 20 | Mehdi Abaakouk | netmask 56 |
| 168 | 40 | Mehdi Abaakouk | gateway fe80::31 |
| 169 | 46 | Mehdi Abaakouk | |
| 170 | 46 | Mehdi Abaakouk | auto eth1 |
| 171 | 46 | Mehdi Abaakouk | iface eth1 inet static |
| 172 | 46 | Mehdi Abaakouk | pre-up /sbin/sysctl -w net.ipv6.conf.eth1.accept_ra=0 |
| 173 | 46 | Mehdi Abaakouk | pre-up /sbin/sysctl -w net.ipv6.conf.eth1.autoconf=0 |
| 174 | 46 | Mehdi Abaakouk | address 192.168.3.100 |
| 175 | 46 | Mehdi Abaakouk | netmask 255.255.255.0 |
| 176 | 6 | Mehdi Abaakouk | EOF |
| 177 | 20 | Mehdi Abaakouk | |
| 178 | 1 | Mehdi Abaakouk | mkdir -p $BODI_CHROOT_PATH/root/.ssh |
| 179 | 6 | Mehdi Abaakouk | chmod 600 $BODI_CHROOT_PATH/root/.ssh |
| 180 | 4 | Mehdi Abaakouk | cat >> $BODI_CHROOT_PATH/root/.ssh/authorized_keys <<EOF |
| 181 | 1 | Mehdi Abaakouk | ssh-dss AAAAB3NzaC1kc3MAAACBAJtnGLvuz4uVD6fnERDxDi/C0UyzwCiKmgNtEessopREYasAX4Gu6Fg10jAyIL5Nuc7YDnqj//pOfxNjD7hp99a2ZmkRQgh/ltClxYML9fqhBHgsUCpVse9nOYDHDnDgvXIPRSDUHat2UFpdchHVrFURNLIlZnBztsr+GCDURTV/AAAAFQD9SrBcH49ltaKOm6V5ssCPmgs1SwAAAIAbAvkQ3/tMzzdACO5B9s5Yb3ZuM7XImm0iqufivVf2Xy39g8HOBulUsN7eKEGPhVriqNolgIO7q7tVgYAff4/NE4yDP0Kp0SPg4tjt2yFJuL31Y3wzwHjnKrjgNlDSLl3uZnRXSipwUMwGKbdHB6NZSqlq192VKbHilQ00pbiMlAAAAIB5dfB1lVHkJ0o5CcaVQRPbca9DvbbRwnoTSmKHc5DUcqsPqDhS07CkM9ZcJuY1Nh4wGl4Q9kArj7Tnsvvygf/HReSUcIk4+nbDytJ8/pca/Qx4fzQQyppa94TylN62LSFT6MIJKLoMwYa0dQURT7Mv5+9Qj2vk5pZ38w2iQ9zVCg== root@h1 |
| 182 | 4 | Mehdi Abaakouk | EOF |
| 183 | 10 | Mehdi Abaakouk | |
| 184 | 16 | Mehdi Abaakouk | sed -i -e 's/^.*Port.*$/Port 2222/' -e 's/^[# ]*PasswordAuthentication.*$/PasswordAuthentication no/' $BODI_CHROOT_PATH/etc/ssh/sshd_config |
| 185 | 16 | Mehdi Abaakouk | chroot $BODI_CHROOT_PATH dpkg-reconfigure openssh-server |
| 186 | 20 | Mehdi Abaakouk | chroot $BODI_CHROOT_PATH apt-get purge -y cloud-init* |
| 187 | 1 | Mehdi Abaakouk | </pre> |
| 188 | 7 | Mehdi Abaakouk | |
| 189 | 4 | Mehdi Abaakouk | <pre> |
| 190 | 21 | Mehdi Abaakouk | $ chmod +x hook.sh |
| 191 | 12 | Mehdi Abaakouk | $ build-openstack-debian-image --image-size 20 --release jessie -u http://apt.tetaneutral.net/debian/ -s http://apt.tetaneutral.net/debian/ --hook-script $(pwd)/hook.sh |
| 192 | 4 | Mehdi Abaakouk | $ mv debian-jessie-7.0.0-3-amd64.raw /openstack.raw |
| 193 | 4 | Mehdi Abaakouk | $ rm debian-jessie-7.0.0-3-amd64.qcow2 |
| 194 | 4 | Mehdi Abaakouk | </pre> |
| 195 | 5 | Mehdi Abaakouk | |
| 196 | 13 | Mehdi Abaakouk | _note: la derniere commande lancée par le script doit être 'qemu-img convert -c -f raw .... , sinon l'image de bootera pas_ |
| 197 | 18 | Mehdi Abaakouk | _note(jessie): si l'erreur est celle ci-dessous, relancer manuellement 'kpartx -d debian-jessie-7.0.0-3-amd64.raw' jusqu'a ce que l'erreur disparaissent et le .raw est utilisable:_ |
| 198 | 18 | Mehdi Abaakouk | <pre> |
| 199 | 18 | Mehdi Abaakouk | + 'kpartx -d debian-jessie-7.0.0-3-amd64.raw' |
| 200 | 18 | Mehdi Abaakouk | device-mapper: remove ioctl on loop0p1 failed: Device or resource busy |
| 201 | 18 | Mehdi Abaakouk | loop deleted : /dev/loop0 |
| 202 | 18 | Mehdi Abaakouk | </pre> |
| 203 | 11 | Mehdi Abaakouk | |
| 204 | 4 | Mehdi Abaakouk | On garde l'image raw qui sera importable dans ceph plus tard et on la mets à la racine pour qui l'utilisateur libvirt puisse y accéder. |
| 205 | 4 | Mehdi Abaakouk | |
| 206 | 6 | Mehdi Abaakouk | h4. Préparation du réseau |
| 207 | 4 | Mehdi Abaakouk | |
| 208 | 4 | Mehdi Abaakouk | <pre> |
| 209 | 4 | Mehdi Abaakouk | $ ovs-vsctl add-br br-net |
| 210 | 53 | Mehdi Abaakouk | $ ovs-vsctl add-br br-admin |
| 211 | 4 | Mehdi Abaakouk | $ ip link set br-net up |
| 212 | 1 | Mehdi Abaakouk | $ ip link set br-admin up |
| 213 | 53 | Mehdi Abaakouk | $ ovs-vsctl br-set-external-id br-net bridge-id br-net |
| 214 | 1 | Mehdi Abaakouk | $ ovs-vsctl br-set-external-id br-net bridge-id br-admin |
| 215 | 53 | Mehdi Abaakouk | $ ovs-vsctl add-port br-admin eth0.3175 |
| 216 | 47 | Mehdi Abaakouk | $ ip addr add 192.168.3.101/24 br-admin |
| 217 | 29 | Mehdi Abaakouk | $ ip addr add fe80::42/64 dev br-net |
| 218 | 8 | Mehdi Abaakouk | $ ip route add 89.234.156.249/32 dev br-net proto 42 |
| 219 | 28 | Mehdi Abaakouk | $ ip -6 route add 2a01:6600:8083:f900::/56 dev br-net proto 42 |
| 220 | 4 | Mehdi Abaakouk | </pre> |
| 221 | 5 | Mehdi Abaakouk | |
| 222 | 6 | Mehdi Abaakouk | h4. Installation de la VM |
| 223 | 4 | Mehdi Abaakouk | |
| 224 | 4 | Mehdi Abaakouk | <pre> |
| 225 | 51 | Mehdi Abaakouk | $ virt-install --name openstack --ram 2048 --network bridge=br-net --network bridge=br-admin --nographics --serial pty --wait -1 --noreboot --autostart --disk /openstack.raw,bus=virtio,cache=none,io=native --import |
| 226 | 4 | Mehdi Abaakouk | $ EDITOR="sed -i -e \"s,<source bridge='br-net'/>,<source bridge='br-net'/><virtualport type='openvswitch' />,g\"" virsh edit openstack # Openvswitch is not yet supported by virt-install |
| 227 | 50 | Mehdi Abaakouk | $ EDITOR="sed -i -e \"s,<source bridge='br-admin'/>,<source bridge='br-admin'/><virtualport type='openvswitch' />,g\"" virsh edit openstack # Openvswitch is not yet supported by virt-install |
| 228 | 4 | Mehdi Abaakouk | $ virsh start openstack |
| 229 | 19 | Mehdi Abaakouk | $ ssh root@openstack.tetaneutral.net -p 2222 |
| 230 | 19 | Mehdi Abaakouk | </pre> |
| 231 | 19 | Mehdi Abaakouk | |
| 232 | 19 | Mehdi Abaakouk | Une fois connecté à la VM: |
| 233 | 19 | Mehdi Abaakouk | |
| 234 | 19 | Mehdi Abaakouk | <pre> |
| 235 | 19 | Mehdi Abaakouk | $ apt-get install puppet |
| 236 | 19 | Mehdi Abaakouk | $ puppet agent --enable |
| 237 | 24 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
| 238 | 24 | Mehdi Abaakouk | Info: Caching certificate for ca |
| 239 | 24 | Mehdi Abaakouk | Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml |
| 240 | 24 | Mehdi Abaakouk | Info: Creating a new SSL certificate request for openstack.tetaneutral.net |
| 241 | 24 | Mehdi Abaakouk | Info: Certificate Request fingerprint (SHA256): AE:72:47:40:A0:E2:F4:59:BA:39:FA:3D:C2:A7:C9:1B:9F:87:A5:B7:65:3A:F9:D4:DE:AF:E2:A3:02:41:0F:2E |
| 242 | 24 | Mehdi Abaakouk | Info: Caching certificate for ca |
| 243 | 24 | Mehdi Abaakouk | Exiting; no certificate found and waitforcert is disabled |
| 244 | 19 | Mehdi Abaakouk | </pre> |
| 245 | 19 | Mehdi Abaakouk | |
| 246 | 19 | Mehdi Abaakouk | Sur le puppetmaster: |
| 247 | 19 | Mehdi Abaakouk | |
| 248 | 19 | Mehdi Abaakouk | <pre> |
| 249 | 1 | Mehdi Abaakouk | $ puppet ca sign openstack.tetaneutral.net |
| 250 | 22 | Mehdi Abaakouk | </pre> |
| 251 | 19 | Mehdi Abaakouk | _Note: si un vieux cert existe: puppet node clean openstack.tetaneutral.net _ |
| 252 | 19 | Mehdi Abaakouk | |
| 253 | 1 | Mehdi Abaakouk | De nouveau sur la VM: |
| 254 | 19 | Mehdi Abaakouk | |
| 255 | 19 | Mehdi Abaakouk | <pre> |
| 256 | 24 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
| 257 | 26 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
| 258 | 26 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
| 259 | 4 | Mehdi Abaakouk | </pre> |
| 260 | 26 | Mehdi Abaakouk | |
| 261 | 32 | Mehdi Abaakouk | Il ne doit plus y avoir d'erreur la 3°/4° fois. |
| 262 | 27 | Mehdi Abaakouk | |
| 263 | 26 | Mehdi Abaakouk | _note: Un paquet est manquant en ce moment (06/08/2014) dans jessie 'nullmailer', pour l'installer manuellement:_ |
| 264 | 26 | Mehdi Abaakouk | <pre> |
| 265 | 26 | Mehdi Abaakouk | wget http://ftp.fr.debian.org/debian/pool/main/n/nullmailer/nullmailer_1.11-2.1_amd64.deb |
| 266 | 26 | Mehdi Abaakouk | apt-get purge exim4-base exim4-config exim4-daemon-light |
| 267 | 26 | Mehdi Abaakouk | dpkg -i nullmailer_1.11-2.1_amd64.deb # Répondre n'importe quoi, ca sera ecrasé par puppet |
| 268 | 26 | Mehdi Abaakouk | apt-get install bsd-mailx |
| 269 | 26 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
| 270 | 26 | Mehdi Abaakouk | </pre> |
| 271 | 4 | Mehdi Abaakouk | |
| 272 | 34 | Mehdi Abaakouk | h3. Configuration des hyperviseurs |
| 273 | 34 | Mehdi Abaakouk | |
| 274 | 35 | Mehdi Abaakouk | Une fois la configuration réseau faite tout faire avec puppet: |
| 275 | 35 | Mehdi Abaakouk | |
| 276 | 35 | Mehdi Abaakouk | <pre> |
| 277 | 35 | Mehdi Abaakouk | $ apt-get install puppet |
| 278 | 35 | Mehdi Abaakouk | $ puppet agent --enable |
| 279 | 35 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
| 280 | 35 | Mehdi Abaakouk | Info: Caching certificate for ca |
| 281 | 35 | Mehdi Abaakouk | Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml |
| 282 | 35 | Mehdi Abaakouk | Info: Creating a new SSL certificate request for openstack.tetaneutral.net |
| 283 | 35 | Mehdi Abaakouk | Info: Certificate Request fingerprint (SHA256): AE:72:47:40:A0:E2:F4:59:BA:39:FA:3D:C2:A7:C9:1B:9F:87:A5:B7:65:3A:F9:D4:DE:AF:E2:A3:02:41:0F:2E |
| 284 | 35 | Mehdi Abaakouk | Info: Caching certificate for ca |
| 285 | 35 | Mehdi Abaakouk | Exiting; no certificate found and waitforcert is disabled |
| 286 | 35 | Mehdi Abaakouk | </pre> |
| 287 | 35 | Mehdi Abaakouk | |
| 288 | 35 | Mehdi Abaakouk | Sur le puppetmaster: |
| 289 | 35 | Mehdi Abaakouk | |
| 290 | 35 | Mehdi Abaakouk | <pre> |
| 291 | 35 | Mehdi Abaakouk | $ puppet ca sign openstack.tetaneutral.net |
| 292 | 35 | Mehdi Abaakouk | </pre> |
| 293 | 35 | Mehdi Abaakouk | _Note: si un vieux cert existe: puppet node clean openstack.tetaneutral.net _ |
| 294 | 35 | Mehdi Abaakouk | |
| 295 | 35 | Mehdi Abaakouk | De nouveau sur la VM: |
| 296 | 35 | Mehdi Abaakouk | |
| 297 | 35 | Mehdi Abaakouk | <pre> |
| 298 | 35 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
| 299 | 35 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
| 300 | 35 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
| 301 | 35 | Mehdi Abaakouk | </pre> |
| 302 | 35 | Mehdi Abaakouk | |
| 303 | 35 | Mehdi Abaakouk | Il ne doit plus y avoir d'erreur la 3°/4° fois. |
| 304 | 35 | Mehdi Abaakouk | |
| 305 | 35 | Mehdi Abaakouk | _note: Un paquet est manquant en ce moment (06/08/2014) dans jessie 'nullmailer', pour l'installer manuellement:_ |
| 306 | 35 | Mehdi Abaakouk | <pre> |
| 307 | 35 | Mehdi Abaakouk | wget http://ftp.fr.debian.org/debian/pool/main/n/nullmailer/nullmailer_1.11-2.1_amd64.deb |
| 308 | 35 | Mehdi Abaakouk | apt-get purge exim4-base exim4-config exim4-daemon-light |
| 309 | 35 | Mehdi Abaakouk | dpkg -i nullmailer_1.11-2.1_amd64.deb # Répondre n'importe quoi, ca sera ecrasé par puppet |
| 310 | 35 | Mehdi Abaakouk | apt-get install bsd-mailx |
| 311 | 35 | Mehdi Abaakouk | $ puppet agent -vt --server puppet.tetaneutral.net --certname openstack.tetaneutral.net --pluginsync |
| 312 | 35 | Mehdi Abaakouk | </pre> |
| 313 | 35 | Mehdi Abaakouk | |
| 314 | 35 | Mehdi Abaakouk | Ajouter la route qui n'a pu être mise au boot de la machine parceque puppet n'avait pas encore créé le bridge openvswitch br-net |
| 315 | 35 | Mehdi Abaakouk | <pre> |
| 316 | 35 | Mehdi Abaakouk | ip addr add fe80::42/64 dev br-net |
| 317 | 35 | Mehdi Abaakouk | </pre> |
| 318 | 35 | Mehdi Abaakouk | |
| 319 | 35 | Mehdi Abaakouk | h4. Information sur la configuration d'un hyperviseur sur le puppet master |
| 320 | 35 | Mehdi Abaakouk | |
| 321 | 35 | Mehdi Abaakouk | La configuration ressemble à : |
| 322 | 35 | Mehdi Abaakouk | |
| 323 | 35 | Mehdi Abaakouk | <pre> |
| 324 | 35 | Mehdi Abaakouk | node "gX.tetaneutral.net" inherits openstack_node_common { |
| 325 | 35 | Mehdi Abaakouk | # Configuration du routerid et de l'AS number de cette machine |
| 326 | 35 | Mehdi Abaakouk | # Il faut aussi mettre la conf bgp de h7 ainsi que les fichiers |
| 327 | 35 | Mehdi Abaakouk | # /etc/puppet/manifests/files/openstack-bird.conf.erb et |
| 328 | 35 | Mehdi Abaakouk | # /etc/puppet/manifests/files/openstack-bird6.conf.erb |
| 329 | 35 | Mehdi Abaakouk | # pour ajouter cette AS interne |
| 330 | 35 | Mehdi Abaakouk | ttnn_os_bird {'198.51.100.1': asnum => "65001"} |
| 331 | 35 | Mehdi Abaakouk | |
| 332 | 35 | Mehdi Abaakouk | # Dans le cas d'une moniteur ceph, mais uniquement 3 suffissent, on a déjà g1,g2,g3 |
| 333 | 35 | Mehdi Abaakouk | # ttnn_ceph_mon {$::hostname:} |
| 334 | 35 | Mehdi Abaakouk | |
| 335 | 35 | Mehdi Abaakouk | # La liste des disques dur à utiliser dans ceph |
| 336 | 35 | Mehdi Abaakouk | ttnn_ceph_osd {"/dev/sdb": } |
| 337 | 35 | Mehdi Abaakouk | ttnn_ceph_osd {"/dev/sdc": } |
| 338 | 35 | Mehdi Abaakouk | |
| 339 | 35 | Mehdi Abaakouk | # La partie Openstack, l'uuid doit être unique par machine (générer avec uuid-gen) |
| 340 | 49 | Mehdi Abaakouk | ttnn_os_compute {"9d26ec10-a48b-4f0f-a122-f10ed16d270f": } |
| 341 | 35 | Mehdi Abaakouk | |
| 342 | 35 | Mehdi Abaakouk | # La correction d'un petit bug :) |
| 343 | 35 | Mehdi Abaakouk | class {'ttnn_os_configdrive_ceph_fix': } |
| 344 | 1 | Mehdi Abaakouk | } |
| 345 | 37 | Mehdi Abaakouk | </pre> |
| 346 | 37 | Mehdi Abaakouk | |
| 347 | 37 | Mehdi Abaakouk | h3. Déplacement du controlleur dans openstack |
| 348 | 37 | Mehdi Abaakouk | |
| 349 | 37 | Mehdi Abaakouk | <pre> |
| 350 | 38 | Mehdi Abaakouk | $ virsh shutdown openstack |
| 351 | 38 | Mehdi Abaakouk | $ cat > os.conf <<EOF |
| 352 | 38 | Mehdi Abaakouk | export OS_AUTH_URL=http://openstack.tetaneutral.net:5000/v2.0/ |
| 353 | 38 | Mehdi Abaakouk | export OS_USERNAME=admin |
| 354 | 38 | Mehdi Abaakouk | export OS_TENANT_NAME=ttnn_admin |
| 355 | 38 | Mehdi Abaakouk | export OS_PASSWORD=<password> |
| 356 | 38 | Mehdi Abaakouk | EOF |
| 357 | 38 | Mehdi Abaakouk | $ source os.conf |
| 358 | 41 | Mehdi Abaakouk | |
| 359 | 41 | Mehdi Abaakouk | $ # Upload de l'image |
| 360 | 1 | Mehdi Abaakouk | $ glance image-create --progress --name openstack-controlleur --disk-format raw --container-format bare < /openstack.raw |
| 361 | 41 | Mehdi Abaakouk | [=============================>] 100% |
| 362 | 41 | Mehdi Abaakouk | +------------------+--------------------------------------+ |
| 363 | 41 | Mehdi Abaakouk | | Property | Value | |
| 364 | 41 | Mehdi Abaakouk | +------------------+--------------------------------------+ |
| 365 | 41 | Mehdi Abaakouk | | checksum | 493517836ee82ad4110254555d379d76 | |
| 366 | 41 | Mehdi Abaakouk | | container_format | bare | |
| 367 | 41 | Mehdi Abaakouk | | created_at | 2014-08-06T15:01:08 | |
| 368 | 41 | Mehdi Abaakouk | | deleted | False | |
| 369 | 41 | Mehdi Abaakouk | | deleted_at | None | |
| 370 | 41 | Mehdi Abaakouk | | disk_format | raw | |
| 371 | 41 | Mehdi Abaakouk | | id | 89e8fffd-3311-4885-93a8-986e05c055f4 | |
| 372 | 41 | Mehdi Abaakouk | | is_public | False | |
| 373 | 41 | Mehdi Abaakouk | | min_disk | 0 | |
| 374 | 41 | Mehdi Abaakouk | | min_ram | 0 | |
| 375 | 41 | Mehdi Abaakouk | | name | openstack-controlleur | |
| 376 | 41 | Mehdi Abaakouk | | owner | 27764634d22248f4a7c8518899ff38c5 | |
| 377 | 41 | Mehdi Abaakouk | | protected | False | |
| 378 | 41 | Mehdi Abaakouk | | size | 21474836480 | |
| 379 | 41 | Mehdi Abaakouk | | status | active | |
| 380 | 41 | Mehdi Abaakouk | | updated_at | 2014-08-06T15:11:22 | |
| 381 | 41 | Mehdi Abaakouk | | virtual_size | None | |
| 382 | 41 | Mehdi Abaakouk | +------------------+--------------------------------------+ |
| 383 | 41 | Mehdi Abaakouk | |
| 384 | 41 | Mehdi Abaakouk | $ # Creation d'un volume dans ceph de cette image |
| 385 | 41 | Mehdi Abaakouk | $ cinder create --display-name openstack.tetaneutral.net-bootdisk --image-id 89e8fffd-3311-4885-93a8-986e05c055f4 25 |
| 386 | 41 | Mehdi Abaakouk | |
| 387 | 41 | Mehdi Abaakouk | $ # Boot d'un VM avec de volume |
| 388 | 52 | Mehdi Abaakouk | $ netid_net=$(neutron net-list | awk '/ttnn-net/{print $2}') |
| 389 | 1 | Mehdi Abaakouk | $ netid_admin=$(neutron net-list | awk '/ttnn-admin/{print $2}') |
| 390 | 52 | Mehdi Abaakouk | $ nova boot --nic net-id=$netid_net,v4-fixed-ip=89.234.156.249 --nic net-id=$netid_admin,v4-fixed-ip=192.168.3.100 --block-device source=volume,id=$volume_id,shutdown=preserve,bootindex=0 --flavor m1.medium --poll openstack.tetaneutral.net |
| 391 | 35 | Mehdi Abaakouk | </pre> |
| 392 | 34 | Mehdi Abaakouk | |
| 393 | 4 | Mehdi Abaakouk | h2. Management d'openstack |
| 394 | 4 | Mehdi Abaakouk | |
| 395 | 3 | Mehdi Abaakouk | h3. Build and upload debian image: |
| 396 | 3 | Mehdi Abaakouk | |
| 397 | 3 | Mehdi Abaakouk | <pre> |
| 398 | 3 | Mehdi Abaakouk | $ apt-get install openstack-debian-images |
| 399 | 3 | Mehdi Abaakouk | #NOTE(sileht): temporairement appliquer les patches de au-dessus |
| 400 | 3 | Mehdi Abaakouk | $ build-openstack-debian-image -m -r jessie -u http://apt.tetaneutral.net/debian/ -s http://apt.tetaneutral.net/debian/ |
| 401 | 3 | Mehdi Abaakouk | $ glance image-create --file debian-jessie-7.0.0-3-amd64.raw --is-public True --human-readable --progress --disk-format raw --container-format bare --name debian-jessie-amd64 |
| 402 | 1 | Mehdi Abaakouk | </pre> |