Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

@cloudnull

cloudnull/train-master-update.diff

Created July 15, 2021 17:30
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save cloudnull/92ebde42a9c1a1bda36f4f3b65b0b24b to your computer and use it in GitHub Desktop.
Save cloudnull/92ebde42a9c1a1bda36f4f3b65b0b24b to your computer and use it in GitHub Desktop.
Download ZIP
Raw
train-master-update.diff
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..e48d6ef
--- /dev/null
+++ b/README.md
@@ -0,0 +1,44 @@
+# TripleO Deployment Templates
+
+These templates are used to deploy my home cloud environment which I use for
+development purposes. While this is a development cloud, and small, it does
+use all of the production characteristics ensuring that there's remote storage
+and network isolation.
+
+### Remote Storage
+
+The cloud environment uses NFS for remote storage.
+
+> The NFS implementation is on the backend through ZFS and is not covered by
+ these deployment templates.
+
+
+### Network Isolation
+
+The cloud environment uses a multi-nic setup with VLAN tagged interfaces which
+supports both IPv4 and IPv6.
+
+
+### Helper Functions
+
+The file `make-cloud.bash` is provided to make deployments simple, containing
+a collection of helper functions which can ease the deployment process and
+provide for some better understanding to what is actually required to run
+an end to end TripleO deployment.
+
+> To use these functions source the `make-cloud.bash` file.
+
+###### Example execution workflow
+
+``` shell
+$ pre-build
+$ deploy-undercloud
+$ get-overcloud-images
+$ generate-roles
+$ network-provision
+$ baremetal-import
+$ baremetal-inspect
+$ baremetal-provision
+$ deploy-overcloud
+$ post-deploy
+```
diff --git a/baremetal-config.yaml b/baremetal-config.yaml
new file mode 100644
index 0000000..f11b0ef
--- /dev/null
+++ b/baremetal-config.yaml
@@ -0,0 +1,47 @@
+---
+- name: Compute
+ count: 1
+ defaults:
+ profile: compute
+ networks:
+ - network: external
+ subnet: external_subnet
+ - network: internal_api
+ subnet: internal_api_subnet
+ - network: storage
+ subnet: storage_subnet
+ - network: storage_mgmt
+ subnet: storage_mgmt_subnet
+ - network: tenant
+ subnet: tenant_subnet
+ config_drive:
+ cloud_config:
+ network:
+ config: disabled
+ network_config:
+ template: /home/centos/dual-nic-multi-vlan.yaml.j2
+ default_route_network:
+ - external
+- name: Controller
+ count: 1
+ defaults:
+ profile: control
+ networks:
+ - network: external
+ subnet: external_subnet
+ - network: internal_api
+ subnet: internal_api_subnet
+ - network: storage
+ subnet: storage_subnet
+ - network: storage_mgmt
+ subnet: storage_mgmt_subnet
+ - network: tenant
+ subnet: tenant_subnet
+ config_drive:
+ cloud_config:
+ network:
+ config: disabled
+ network_config:
+ template: /home/centos/dual-nic-multi-vlan.yaml.j2
+ default_route_network:
+ - external
diff --git a/dual-nic-multi-vlan.yaml.j2 b/dual-nic-multi-vlan.yaml.j2
new file mode 100644
index 0000000..ad5ce7f
--- /dev/null
+++ b/dual-nic-multi-vlan.yaml.j2
@@ -0,0 +1,113 @@
+# This network template is useful for environments that leverage two network interfaces and VLANs.
+#
+# The first network device will have a simple setup giving operators access to the node.
+# * "nic1" is the control plane network.
+#
+# The second network device is used with OVS and has assosiated VLAN tagged interfaces for further
+# network isolation.
+# * "nic2" is the network responsible for all cloud operations.
+#
+---
+{#
+ Set the default public DNS. When the option `ctlplane_dns_nameservers` has no value, the network
+ template will use the public DNS constant. This is done to ensure that overcloud nodes have an
+ appropriate DNS entry for the environment.
+#}
+{% set public_dns = ["208.67.222.222", "8.8.8.8"] %}
+{#
+ Determine the value of the `ctlplane_dns_nameservers` and set the value if requied.
+#}
+{% if ctlplane_dns_nameservers is defined %}
+{% if (ctlplane_dns_nameservers is not mapping) and (ctlplane_dns_nameservers is iterable) and (ctlplane_dns_nameservers is not string) %}
+{% if (ctlplane_dns_nameservers | length | int) < 1 %}
+{% set ctlplane_dns_nameservers = public_dns %}
+{% endif %}
+{% endif %}
+{% else %}
+{% set ctlplane_dns_nameservers = public_dns %}
+{% endif %}
+{#
+ Loop through all networks set the minimum viable MTU and create nic2 vlan members.
+#}
+{% set mtu_list = [ctlplane_mtu] %}
+{% set nic2_members = [] %}
+{% for network in role_networks %}
+{% set _ = mtu_list.append(
+ lookup('vars', networks_lower[network] ~ '_mtu')
+ )
+%}
+{% set vlan_id = lookup('vars', networks_lower[network] ~ '_vlan_id') | int %}
+{% if vlan_id != 1 %}
+{% set _ = nic2_members.append(
+ {
+ "type": "vlan",
+ "mtu": lookup('vars', networks_lower[network] ~ '_mtu') | int,
+ "vlan_id": vlan_id | int,
+ "addresses": [
+ {
+ "ip_netmask": lookup('vars', networks_lower[network] ~ '_ip') ~ "/" ~ lookup('vars', networks_lower[network] ~ '_cidr')
+ }
+ ],
+ "routes": lookup('vars', networks_lower[network] ~ '_host_routes')
+ }
+ )
+%}
+{% endif %}
+{% endfor %}
+{#
+ Sort the members by VLAN ID.
+#}
+{% set nic2_members = nic2_members | sort(attribute='vlan_id') | list %}
+{#
+ Note that the minimum MTU is selected because the bridge interface will inheret the lowest MTU of all member interfaces.
+#}
+{% set min_viable_mtu = mtu_list | min | int %}
+{#
+ Create the primary interface for use with members
+#}
+{% set _ = nic2_members.insert(
+ 0,
+ {
+ "type": "interface",
+ "name": "nic2",
+ "mtu": min_viable_mtu | int,
+ "primary": true
+ }
+ )
+%}
+{#
+ Set the network configuration interfaces
+#}
+{% set network_config_interfaces = [
+ {
+ "type": "interface",
+ "name": "nic1",
+ "mtu": ctlplane_mtu,
+ "dns_servers": ctlplane_dns_nameservers,
+ "domain": dns_search_domains,
+ "routes": ctlplane_host_routes,
+ "use_dhcp": false,
+ "addresses": [
+ {
+ "ip_netmask": ctlplane_ip ~ "/" ~ ctlplane_subnet_cidr
+ }
+ ]
+ },
+ {
+ "type": "ovs_bridge",
+ "name": neutron_physical_bridge_name,
+ "mtu": min_viable_mtu,
+ "use_dhcp": false,
+ "domain": dns_search_domains,
+ "members": nic2_members
+ }
+ ]
+%}
+{#
+ Render the network configuration as nice YAML
+#}
+{% set network_config = {
+ "network_config": network_config_interfaces
+ }
+%}
+{{ network_config | to_nice_yaml }}
diff --git a/init-repo.yaml b/init-repo.yaml
new file mode 100644
index 0000000..9ec7b47
--- /dev/null
+++ b/init-repo.yaml
@@ -0,0 +1,10 @@
+---
+parameter_defaults:
+ DnfStreams: []
+ UpgradeInitCommand: |-
+ set -ev
+ sudo curl -L -o /etc/yum.repos.d/CentOS-Linux-BaseOS.repo https://gist.githubusercontent.com/cloudnull/3db5385e3d0fd373be81d9b8f156b67c/raw/a614daedacf6c55b00b248654a28450cc4273295/gistfile1.txt
+ sudo curl -L -o /etc/yum.repos.d/delorean.repo https://trunk.rdoproject.org/centos8/current/delorean.repo
+ sudo dnf install -y 'python*tripleo-repos'
+ sudo tripleo-repos -b master current-tripleo
+ sudo dnf clean all
diff --git a/instackenv.yaml b/instackenv.yaml
new file mode 100644
index 0000000..7e6f2f6
--- /dev/null
+++ b/instackenv.yaml
@@ -0,0 +1,30 @@
+---
+nodes:
+- arch: x86_64
+ capabilities: boot_option:local,profile:compute,node:overcloud-novacompute-0
+ cpu: 8
+ disk: 1
+ memory: 16384
+ name: compute-0
+ pm_addr: 172.16.27.67
+ pm_password: secrete
+ pm_port: 16021
+ pm_type: ipmi
+ pm_user: admin
+ ports:
+ - address: 52:54:00:59:2a:20
+ - address: 52:54:00:27:d5:38
+- arch: x86_64
+ capabilities: boot_option:local,profile:control,node:overcloud-controller-0
+ cpu: 8
+ disk: 1
+ memory: 16384
+ name: controller-0
+ pm_addr: 172.16.27.67
+ pm_password: secrete
+ pm_port: 16020
+ pm_type: ipmi
+ pm_user: admin
+ ports:
+ - address: 52:54:00:4d:58:af
+ - address: 52:54:00:b0:4d:22
diff --git a/make-cloud.bash b/make-cloud.bash
new file mode 100644
index 0000000..ca70015
--- /dev/null
+++ b/make-cloud.bash
@@ -0,0 +1,447 @@
+#!/usr/bin/env bash
+
+export HOME="${HOME:-~/}"
+export THT="${THT:-/usr/share/openstack-tripleo-heat-templates}"
+export NTP_SERVER="${NTP_SERVER:-time.google.com}"
+export VIRT_TYPE="${VIRT_TYPE:-$([ $(egrep -c '(vmx|svm)' /proc/cpuinfo) = 0 ] && echo qemu || echo kvm)}"
+export STACK_NAME="${STACK_NAME:-rk-openstack-0}"
+export NFS_SERVER="${NFS_SERVER:-172.16.27.211}"
+export TENANT_VLAN="${TENANT_VLAN:-204}"
+
+
+function tmux_execute {
+ tmux new-session -d -s deploy-tripleo -n deploy-tripleo || true
+ tmux new-window -n deploy -t 0 || true
+ tmux send-keys "${1}" C-m
+}
+
+
+function process-templates {
+ source ${HOME}/stackrc
+ eval "${THT}/tools/process-templates.py -p ${THT} -r ${THT}/roles_data.yaml -n ${HOME}/net-data.yaml -o /tmp/templates/"
+}
+
+
+function upgrade-undercloud {
+ sudo tripleo-repos -b master current-tripleo
+ sudo dnf -y update python-tripleoclient* openstack-tripleo-common openstack-tripleo-heat-templates
+
+ source ${HOME}/stackrc
+
+ openstack tripleo container image prepare default \
+ --local-push-destination \
+ --output-env-file ${HOME}/containers-prepare-parameter.yaml
+
+ openstack undercloud upgrade --yes
+}
+
+
+function upgrade-overcloud {
+ process-templates
+
+ echo "execute: openstack overcloud upgrade prepare"
+ openstack overcloud upgrade prepare --yes --templates ${THT} \
+ --roles-file ${THT}/roles_data.yaml \
+ --stack ${STACK_NAME} \
+ --environment-file ${THT}/environments/disable-telemetry.yaml \
+ --environment-file ${THT}/environments/enable-swap.yaml \
+ --environment-file ${THT}/environments/storage/glance-nfs.yaml \
+ --environment-file ${THT}/environments/storage/cinder-nfs.yaml \
+ --environment-file /tmp/templates/environments/deployed-server-environment.yaml \
+ --environment-file ${HOME}/parameters.yaml \
+ --environment-file ${HOME}/overcloud-baremetal-deployed.yaml \
+ --environment-file ${HOME}/init-repo.yaml \
+ --networks-file ${HOME}/net-data.yaml \
+ --config-download-timeout 1024 \
+ --timeout 1024 \
+ --deployed-server \
+ --disable-validations \
+ --validation-errors-nonfatal \
+ --ntp-server ${NTP_SERVER} \
+ --log-file ${HOME}/deploy.log \
+ --libvirt-type ${VIRT_TYPE}
+
+ echo "execute: openstack overcloud upgrade run Controller"
+ openstack overcloud upgrade run --yes --limit 'Controller' \
+ --skip-tags validation \
+ --stack ${STACK_NAME}
+
+ echo "execute: openstack overcloud upgrade run Compute"
+ openstack overcloud upgrade run --yes --limit '!Controller' \
+ --skip-tags validation \
+ --stack ${STACK_NAME}
+
+ echo "execute: openstack overcloud upgrade converge"
+ openstack overcloud upgrade converge --yes --templates ${THT} \
+ --roles-file ${THT}/roles_data.yaml \
+ --stack ${STACK_NAME} \
+ --environment-file ${THT}/environments/disable-telemetry.yaml \
+ --environment-file ${THT}/environments/enable-swap.yaml \
+ --environment-file ${THT}/environments/storage/glance-nfs.yaml \
+ --environment-file ${THT}/environments/storage/cinder-nfs.yaml \
+ --environment-file /tmp/templates/environments/deployed-server-environment.yaml \
+ --environment-file ${HOME}/parameters.yaml \
+ --environment-file ${HOME}/overcloud-baremetal-deployed.yaml \
+ --environment-file ${HOME}/init-repo.yaml \
+ --networks-file ${HOME}/net-data.yaml \
+ --config-download-timeout 1024 \
+ --timeout 1024 \
+ --deployed-server \
+ --disable-validations \
+ --validation-errors-nonfatal \
+ --ntp-server ${NTP_SERVER} \
+ --log-file ${HOME}/deploy.log \
+ --libvirt-type ${VIRT_TYPE}
+}
+
+
+function setup-standalone-multi-nic {
+ export IP="${IP:-192.168.24.2}"
+ export NETMASK="${NETMASK:-24}"
+ export INTERFACE="${INTERFACE:-eth1}"
+ export MTU="$(cat /sys/class/net/${INTERFACE}/mtu)"
+
+ cat <<EOF > $HOME/standalone_parameters.yaml
+parameter_defaults:
+ CloudName: ${IP}
+ ControlPlaneStaticRoutes: []
+ Debug: true
+ DeploymentUser: ${USER}
+ DnsServers:
+ - 1.1.1.1
+ - 8.8.8.8
+ DockerInsecureRegistryAddress:
+ - ${IP}:8787
+ NeutronPublicInterface: ${INTERFACE}
+ # domain name used by the host
+ CloudDomain: localdomain
+ NeutronDnsDomain: localdomain
+ # re-use ctlplane bridge for public net, defined in the standalone
+ # net config (do not change unless you know what you're doing)
+ NeutronBridgeMappings: datacentre:${BRIDGE}
+ NeutronPhysicalBridge: ${BRIDGE}
+ # enable to force metadata for public net
+ #NeutronEnableForceMetadata: true
+ StandaloneEnableRoutedNetworks: false
+ StandaloneHomeDir: ${HOME}
+ InterfaceLocalMtu: ${MTU}
+ # Needed if running in a VM, not needed if on baremetal
+ NovaComputeLibvirtType: ${VIRT_TYPE}
+EOF
+
+}
+
+
+function setup-standalone-single-nic {
+ export INTERFACE="$(ip -o r g 1 | awk '{print $5}')"
+ export CIDR=$(ip -o -4 a l | grep -w "${INTERFACE}\s" | awk '{print $4}' | head -n 1)
+ export IP=$(echo ${CIDR} | awk -F'/' '{print $1}')
+ export NETMASK=$(echo ${CIDR} | awk -F'/' '{print $2}')
+ export GATEWAY="$(ip -o r g 1 | awk '{print $3}')"
+ export MTU="$(cat /sys/class/net/${INTERFACE}/mtu)"
+
+ sudo dd of=/etc/sysconfig/network-scripts/route-${BRIDGE} <<EOF
+default via ${GATEWAY} dev ${BRIDGE}
+EOF
+ cat <<EOF > ${HOME}/standalone_parameters.yaml
+parameter_defaults:
+ CloudName: ${IP}
+ # default gateway
+ ControlPlaneStaticRoutes:
+ - ip_netmask: 0.0.0.0/0
+ next_hop: ${GATEWAY}
+ default: true
+ Debug: true
+ DeploymentUser: ${USER}
+ DnsServers:
+ - 1.1.1.1
+ - 8.8.8.8
+ # needed for vip & pacemaker
+ KernelIpNonLocalBind: 1
+ DockerInsecureRegistryAddress:
+ - ${IP}:8787
+ NeutronPublicInterface: ${INTERFACE}
+ # domain name used by the host
+ CloudDomain: localdomain
+ NeutronDnsDomain: localdomain
+ # re-use ctlplane bridge for public net, defined in the standalone
+ # net config (do not change unless you know what you're doing)
+ NeutronBridgeMappings: datacentre:${BRIDGE}
+ NeutronPhysicalBridge: ${BRIDGE}
+ # enable to force metadata for public net
+ #NeutronEnableForceMetadata: true
+ StandaloneEnableRoutedNetworks: false
+ StandaloneHomeDir: ${HOME}
+ InterfaceLocalMtu: ${MTU}
+ # Needed if running in a VM, not needed if on baremetal
+ NovaComputeLibvirtType: ${VIRT_TYPE}
+EOF
+
+}
+
+
+function build-patched-packages {
+ cat <<EOF > playbook.yaml
+---
+- name: Build packages
+ hosts: localhost
+ connection: local
+ vars:
+ ansible_user: "$(whoami)"
+ roles:
+ - role: cloudnull.ansible_tripleo_sdk
+ tripleo_sdk_developer_patches:
+ - url: "https://review.opendev.org/openstack/tripleo-heat-templates"
+ refs: "refs/changes/67/772967/4"
+ version: FETCH_HEAD
+ - url: "https://review.opendev.org/openstack/python-tripleoclient"
+ refs: "refs/changes/84/773284/3"
+ version: FETCH_HEAD
+ - url: "https://review.opendev.org/openstack/tripleo-common"
+ refs: refs/changes/82/773482/1
+ version: FETCH_HEAD
+EOF
+ ansible-galaxy install cloudnull.ansible_tripleo_sdk --force
+ rm -fv /home/centos/tripleo-sdk/packages.created
+ ansible-playbook -i localhost, playbook.yaml
+}
+
+
+function get-overcloud-images {
+ mkdir -p ${HOME}/images
+ pushd ${HOME}/images
+ IMAGE_URL="https://images.rdoproject.org/centos8/master/rdo_trunk/current-tripleo/"
+ curl "${IMAGE_URL}/ironic-python-agent.tar" -o ironic-python-agent.tar
+ tar xf ironic-python-agent.tar
+ curl "${IMAGE_URL}/overcloud-full.tar" -o overcloud-full.tar
+ tar xf overcloud-full.tar
+ openstack --os-cloud undercloud overcloud image upload --update-existing --local
+ popd
+ sudo chown 42422:42422 /var/lib/ironic/images/*
+}
+
+
+function build-overcloud-images {
+ source ${HOME}/stackrc
+
+ mkdir -p ${HOME}/images
+ pushd ${HOME}/images
+ mkdir -p ${HOME}/elements
+ pushd ${HOME}/elements
+ git clone https://opendev.org/openstack/tripleo-puppet-elements || true
+ git clone https://opendev.org/openstack/tripleo-image-elements || true
+ git clone https://opendev.org/openstack/heat-agents || true
+ git clone https://opendev.org/openstack/ironic-python-agent-builder || true
+ git clone https://opendev.org/openstack/instack-undercloud || true
+ popd
+ export ELEMENTS_PATH="${HOME}/elements/tripleo-puppet-elements/elements:${HOME}/elements/tripleo-image-elements/elements:${HOME}/elements/heat-agents:${HOME}/elements/ironic-python-agent-builder/dib/"
+ export DIB_DEBUG_TRACE=1
+ export DIB_YUM_REPO_CONF="/etc/yum.repos.d/*"
+ grep -rnil '\#\!.*python*' "${HOME}/elements" | xargs -n 1 pathfix.py -i $(which python3) -p -n
+ openstack --os-cloud undercloud overcloud image build
+ openstack --os-cloud undercloud overcloud image upload --update-existing --local
+ popd
+
+ sudo chown 42422:42422 /var/lib/ironic/images/*
+}
+
+
+function generate-roles {
+ cp -r /usr/share/openstack-tripleo-heat-templates/roles ${HOME}/tripleo-roles
+ openstack --os-cloud undercloud overcloud roles generate \
+ --output ${HOME}/generated-roles-data.yaml \
+ --roles-path ${HOME}/tripleo-roles \
+ $(openstack --os-cloud undercloud overcloud role list)
+ echo -e "The generated roles data in [ ${HOME}/generated-roles-data.yaml ] needs to be customized before being used. When ready to deploy, rename the file [ roles-data.yaml ]."
+}
+
+
+function network-provision {
+ process-templates
+ openstack --os-cloud undercloud overcloud network provision \
+ --yes \
+ --output ${HOME}/overcloud-networks-deployed.yaml \
+ ${HOME}/net-data.yaml
+ openstack --os-cloud undercloud overcloud network vip provision \
+ --yes \
+ --stack ${STACK_NAME} \
+ --output ${HOME}/overcloud-vip-deployed.yaml \
+ ${HOME}/network-vips.yaml
+}
+
+
+function baremetal-unprovision {
+ source ${HOME}/stackrc
+ metalsmith list | awk "/${STACK_NAME}/ {print $2}" | xargs -n 1 metalsmith undeploy
+ openstack --os-cloud undercloud baremetal node delete $(openstack baremetal node list -f value | awk '{print $1}')
+}
+
+
+function baremetal-import {
+ openstack --os-cloud undercloud overcloud node import instackenv.yaml
+}
+
+
+function baremetal-inspect {
+ openstack --os-cloud undercloud overcloud node introspect \
+ --all-manageable \
+ --provide \
+ --concurrency 2
+}
+
+
+function baremetal-provision {
+ openstack --os-cloud undercloud overcloud node provision \
+ --stack ${STACK_NAME} \
+ --network-config \
+ --output ${HOME}/overcloud-baremetal-deployed.yaml \
+ ${HOME}/baremetal-config.yaml
+}
+
+
+function apply-workarounds {
+ bash -x ${HOME}/workarounds/*
+}
+
+
+function pre-build {
+ sudo hostnamectl set-hostname $(hostname -s).localdomain
+ sudo hostnamectl set-hostname $(hostname -s).localdomain --transient
+
+ # Prune interface files to match only our active networks
+ ls -1 /etc/sysconfig/network-scripts/ | grep -w 'ifcfg' | sed 's/ifcfg-//g' | xargs -i -n 1 bash -c "(ip link show {} || sudo rm -f /etc/sysconfig/network-scripts/ifcfg-{})"
+
+ [ -f ${HOME}/.ssh/id_rsa.pub ] || ssh-keygen -t rsa -f ${HOME}/.ssh/id_rsa -q -P ""
+
+ curl https://trunk.rdoproject.org/centos8/current/delorean.repo | sudo tee /etc/yum.repos.d/delorean.repo
+
+ sudo dnf install -y 'python*tripleo-repos'
+
+ sudo tripleo-repos -b master current-tripleo
+
+ sudo dnf -y install NetworkManager qemu-guest-agent vim network-scripts patch git patchutils iptables-services \
+ python*-virtualenv tmux OpenIPMI ipmitool python*tripleoclient patch git patchutils \
+ iptables-services python*tripleoclient
+}
+
+
+function deploy-overcloud {
+ openstack --os-cloud undercloud overcloud deploy --stack ${STACK_NAME} \
+ --templates ${THT} \
+ --environment-file ${THT}/environments/enable-swap.yaml \
+ --environment-file ${THT}/environments/storage/glance-nfs.yaml \
+ --environment-file ${THT}/environments/storage/cinder-nfs.yaml \
+ --environment-file ${HOME}/overcloud-baremetal-deployed.yaml \
+ --environment-file ${HOME}/overcloud-networks-deployed.yaml \
+ --environment-file ${HOME}/overcloud-vip-deployed.yaml \
+ --environment-file ${HOME}/parameters.yaml \
+ --roles-file ${HOME}/roles-data.yaml \
+ --config-download-timeout 1024 \
+ --timeout 1024 \
+ --disable-validations \
+ --validation-errors-nonfatal \
+ --ntp-server ${NTP_SERVER} \
+ --log-file ${HOME}/deploy.log \
+ --libvirt-type ${VIRT_TYPE}
+}
+
+
+function deploy-standalone {
+ openstack tripleo container image prepare default --output-env-file ${HOME}/containers-prepare-parameters.yaml
+
+ export VIP="192.168.25.2"
+ export BRIDGE="br-ctlplane"
+
+ sudo openstack tripleo deploy --templates \
+ --local-ip=${IP}/${NETMASK} \
+ --control-virtual-ip ${VIP} \
+ -r /usr/share/openstack-tripleo-heat-templates/roles/Standalone.yaml \
+ --environment-file /usr/share/openstack-tripleo-heat-templates/environments/standalone/standalone-tripleo.yaml \
+ --environment-file ${HOME}/containers-prepare-parameters.yaml \
+ --environment-file ${HOME}/standalone_parameters.yaml \
+ --output-dir ${HOME} \
+ --standalone \
+ --stack ${STACK_NAME}
+}
+
+
+function deploy-undercloud {
+ sudo modprobe br-netfilter
+
+ [ -f "/etc/sysconfig/network-scripts/ifcfg-vlan-vlan${TENANT_VLAN}" ] || \
+ sudo nmcli connection add type vlan ifname "vlan${TENANT_VLAN}" \
+ dev $(ip -o route get 1 | awk '{print $5}') \
+ id "${TENANT_VLAN}" \
+ ip4 172.16.4.2/24 \
+ gw4 172.16.4.1
+
+ echo "br_netfilter" | sudo tee /etc/modules-load.d/99-netfilter.conf
+ process-templates
+ openstack undercloud install --no-validations
+}
+
+
+function cloud-teardown {
+ baremetal-unprovision
+ openstack --os-cloud undercloud overcloud delete --yes "${STACK_NAME}"
+ openstack --os-cloud undercloud port list -f value | awk "/${STACK_NAME}/ {print \$1}"| xargs -n 1 openstack --os-cloud undercloud port delete
+ openstack --os-cloud undercloud subnet list -f value | grep -v ctlplane | awk '{print $1}' | xargs -n 1 openstack subnet delete
+ openstack --os-cloud undercloud network list -f value | grep -v ctlplane | awk '{print $1}' | xargs -n 1 openstack network delete
+}
+
+
+function post-deploy {
+ sudo mount -t nfs ${NFS_SERVER}:/mnt/storage/media/rhv /mnt
+
+ . ${HOME}/${STACK_NAME}rc
+
+ for NAME in ubuntu-focal-server-cloudimg-amd64-disk-kvm.img \
+ ubuntu-bionic-server-cloudimg-amd64.img \
+ Fedora-Cloud-Base-33-1.2.x86_64.qcow2 \
+ CentOS-8-x86_64-GenericCloud.qcow2 \
+ rhel-8-x86_64-kvm.qcow2; do
+ openstack image create --disk-format qcow2 --container-format bare --public --file /mnt/images/${NAME} ${NAME}
+ openstack image set --property hw_scsi_model=virtio-scsi \
+ --property hw_disk_bus=scsi \
+ --property hw_vif_multiqueue_enabled=true \
+ --property hw_qemu_guest_agent=yes \
+ --property hypervisor_type=kvm \
+ --property os_require_quiesce=yes \
+ --property img_config_drive=optional \
+ ${NAME}
+ done
+
+ openstack flavor create --ram 2048 --disk 16 --ephemeral 0 --swap 8 --vcpus 2 --public k0.small
+ openstack flavor create --ram 4096 --disk 32 --ephemeral 0 --swap 8 --vcpus 6 --public k0.tester
+ openstack flavor create --ram 8192 --disk 64 --ephemeral 16 --swap 8 --vcpus 8 --public k0.medium
+ openstack flavor create --ram 16384 --disk 96 --ephemeral 16 --swap 8 --vcpus 16 --public k0.tripleo
+
+ openstack network create --provider-network-type vlan \
+ --external \
+ --provider-physical-network datacentre \
+ --provider-segment "${TENANT_VLAN}" \
+ --share \
+ "os-${TENANT_VLAN}"
+ openstack network create internal
+
+ openstack subnet create --dhcp \
+ --subnet-range 172.16.4.0/24 \
+ --allocation-pool 'start=172.16.4.150,end=172.16.4.200' \
+ --gateway 172.16.4.1 \
+ --dns-nameserver 8.8.8.8 \
+ --network "os-${TENANT_VLAN}" \
+ "os-${TENANT_VLAN}_subnet"
+ openstack subnet create --dhcp \
+ --subnet-range 10.0.10.0/24 \
+ --dns-nameserver 8.8.8.8 \
+ --network internal \
+ internal_subnet
+
+ openstack router create internal_router
+ openstack router set --external-gateway "os-${TENANT_VLAN}" internal_router
+ openstack router add subnet internal_router internal_subnet
+
+ GROUP_ID=$(openstack security group list --project admin | awk '/default/ {print $2}')
+ openstack security group rule create --project admin --proto ANY --remote-ip '0.0.0.0/0' --ethertype IPv4 "${GROUP_ID}"
+ openstack security group rule create --project admin --proto ANY --remote-ip '::/0' --ethertype IPv6 "${GROUP_ID}"
+}
diff --git a/net-data.yaml b/net-data.yaml
new file mode 100644
index 0000000..b1bc4a2
--- /dev/null
+++ b/net-data.yaml
@@ -0,0 +1,95 @@
+---
+- mtu: 1500
+ name: Tenant
+ name_lower: tenant
+ subnets:
+ tenant_subnet:
+ allocation_pools:
+ - end: 172.16.0.250
+ start: 172.16.0.4
+ ip_subnet: 172.16.0.0/24
+ ipv6_allocation_pools:
+ - end: fd00:fd00:fd00:5000:ffff:ffff:ffff:fffe
+ start: fd00:fd00:fd00:5000::10
+ ipv6_subnet: fd00:fd00:fd00:5000::/64
+ vlan: 200
+ vip: false
+- mtu: 1500
+ name: Storage
+ name_lower: storage
+ subnets:
+ storage_subnet:
+ allocation_pools:
+ - end: 172.16.1.250
+ start: 172.16.1.4
+ ip_subnet: 172.16.1.0/24
+ ipv6_allocation_pools:
+ - end: fd00:fd00:fd00:3000:ffff:ffff:ffff:fffe
+ start: fd00:fd00:fd00:3000::10
+ ipv6_subnet: fd00:fd00:fd00:3000::/64
+ vlan: 201
+ vip: true
+- mtu: 1500
+ name: StorageMgmt
+ name_lower: storage_mgmt
+ subnets:
+ storage_mgmt_subnet:
+ allocation_pools:
+ - end: 172.16.2.250
+ start: 172.16.2.4
+ ip_subnet: 172.16.2.0/24
+ ipv6_allocation_pools:
+ - end: fd00:fd00:fd00:4000:ffff:ffff:ffff:fffe
+ start: fd00:fd00:fd00:4000::10
+ ipv6_subnet: fd00:fd00:fd00:4000::/64
+ vlan: 202
+ vip: true
+- mtu: 1500
+ name: InternalApi
+ name_lower: internal_api
+ subnets:
+ internal_api_subnet:
+ allocation_pools:
+ - end: 172.16.3.250
+ start: 172.16.3.4
+ ip_subnet: 172.16.3.0/24
+ ipv6_allocation_pools:
+ - end: fd00:fd00:fd00:2000:ffff:ffff:ffff:fffe
+ start: fd00:fd00:fd00:2000::10
+ ipv6_subnet: fd00:fd00:fd00:2000::/64
+ vlan: 203
+ vip: true
+- mtu: 1500
+ name: External
+ name_lower: external
+ subnets:
+ external_subnet:
+ allocation_pools:
+ - end: 172.16.4.250
+ start: 172.16.4.4
+ gateway_ip: 172.16.4.1
+ gateway_ipv6: 2001:db8:fd00:1000::1
+ ip_subnet: 172.16.4.0/24
+ ipv6_allocation_pools:
+ - end: 2001:db8:fd00:1000:ffff:ffff:ffff:fffe
+ start: 2001:db8:fd00:1000::10
+ ipv6_subnet: 2001:db8:fd00:1000::/64
+ vlan: 204
+ vip: true
+- mtu: 1500
+ name: Management
+ name_lower: management
+ subnets:
+ management_subnet:
+ allocation_pools:
+ - end: 172.16.5.250
+ start: 172.16.5.4
+ gateway_ip: 172.16.5.1
+ gateway_ipv6: fd00:fd00:fd00:6000::1
+ ip_subnet: 172.16.5.0/24
+ ipv6_allocation_pools:
+ - end: fd00:fd00:fd00:6000:ffff:ffff:ffff:fffe
+ start: fd00:fd00:fd00:6000::10
+ ipv6_subnet: fd00:fd00:fd00:6000::/64
+ vlan: 205
+ vip: false
diff --git a/network-vips.yaml b/network-vips.yaml
new file mode 100644
index 0000000..6ce2ac1
--- /dev/null
+++ b/network-vips.yaml
@@ -0,0 +1,12 @@
+---
+- network: storage_mgmt
+ dns_name: overcloud
+- network: internal_api
+ dns_name: overcloud
+- network: storage
+ dns_name: overcloud
+- network: external
+ dns_name: overcloud
+- network: ctlplane
+ dns_name: overcloud
+
diff --git a/parameters.yaml b/parameters.yaml
new file mode 100644
index 0000000..71bf284
--- /dev/null
+++ b/parameters.yaml
@@ -0,0 +1,73 @@
+---
+parameter_defaults:
+ BlockStorageCount: 0
+ BlockStorageNetworkConfigTemplate: /home/centos/dual-nic-multi-vlan.yaml.j2
+ CellControllerNetworkConfigTemplate: /home/centos/dual-nic-multi-vlan.yaml.j2
+ CephStorageCount: 0
+ CephStorageNetworkConfigTemplate: /home/centos/dual-nic-multi-vlan.yaml.j2
+ CephStorageSchedulerHints:
+ capabilities:node: overcloud-ceph-%index%
+ CinderEnableIscsiBackend: false
+ CinderEnableNfsBackend: true
+ CinderNfsMountOptions: context=system_u:object_r:container_file_t:s0
+ CinderNfsServers: 172.16.27.211:/mnt/storage/openstack/cinder
+ CloudDomain: localdomain
+ CloudName: overcloud.localdomain
+ CloudNameCtlplane: overcloud.ctlplane.localdomain
+ CloudNameInternal: overcloud.internalapi.localdomain
+ CloudNameStorage: overcloud.storage.localdomain
+ CloudNameStorageManagement: overcloud.storagemgmt.localdomain
+ ComputeCount: 1
+ ComputeDVRNetworkConfigTemplate: /home/centos/dual-nic-multi-vlan.yaml.j2
+ ComputeExtraConfig:
+ nova::compute::libvirt::cpu_mode: host-passthrough
+ nova::compute::libvirt::disk_cachemodes:
+ - file=writeback
+ - block=none
+ - network=writeback
+ nova::compute::libvirt::force_raw_images: true
+ nova::compute::libvirt::hw_machine_type:
+ - x86_64=q35
+ nova::compute::libvirt::images_type: raw
+ nova::compute::libvirt::preallocate_images: space
+ nova::compute::libvirt::use_cow_images: true
+ ComputeNetworkConfigTemplate: /home/centos/dual-nic-multi-vlan.yaml.j2
+ ComputeParameters:
+ KernelArgs: default_hugepagesz=1GB hugepagesz=1GB hugepages=4 amd_iommu=on iommu=pt
+ kvm_amd.npt=1 kvm.ignore_msrs=1
+ ComputeSchedulerHints:
+ capabilities:node: overcloud-novacompute-%index%
+ ContainerCli: podman
+ ContainerImagePrepare:
+ - excludes:
+ - ceph
+ - prometheus
+ push_destination: true
+ set:
+ name_prefix: openstack
+ name_suffix: ''
+ namespace: docker.io/tripleomaster
+ rhel_containers: 'false'
+ tag: current-tripleo-rdo
+ ControllerCount: 1
+ ControllerNetworkConfigTemplate: /home/centos/dual-nic-multi-vlan.yaml.j2
+ ControllerSchedulerHints:
+ capabilities:node: overcloud-controller-%index%
+ DnsServers:
+ - 208.67.222.222
+ - 8.8.8.8
+ GlanceCacheEnabled: true
+ GlanceEnabledImportMethods: web-download,glance-direct
+ GlanceNfsShare: 172.16.27.211:/mnt/storage/openstack/glance
+ GlanceStagingNfsShare: 172.16.27.211:/mnt/storage/openstack/glance-staging
+ ObjectStorageCount: 0
+ ObjectStorageNetworkConfigTemplate: /home/centos/dual-nic-multi-vlan.yaml.j2
+ OctaviaTimeoutClientData: 1200000
+ OctaviaTimeoutMemberData: 1200000
+ OvercloudBlockStorageFlavor: baremetal
+ OvercloudCephStorageFlavor: baremetal
+ OvercloudComputeFlavor: baremetal
+ OvercloudControlFlavor: baremetal
+ OvercloudSwiftStorageFlavor: baremetal
+ SELinuxMode: permissive
+ StandaloneNetworkConfigTemplate: /home/centos/dual-nic-multi-vlan.yaml.j2
diff --git a/patching-playbook.yaml b/patching-playbook.yaml
new file mode 100644
index 0000000..34e0c9a
--- /dev/null
+++ b/patching-playbook.yaml
@@ -0,0 +1,15 @@
+---
+- name: Build packages
+ hosts: localhost
+ connection: local
+ vars:
+ ansible_user: "centos"
+ roles:
+ - role: cloudnull.ansible_tripleo_sdk
+ tripleo_sdk_developer_patches: []
+ # - url: "https://review.opendev.org/openstack/tripleo-common"
+ # refs: "refs/changes/27/753427/18"
+ # version: FETCH_HEAD
+ # - url: "https://review.opendev.org/openstack/python-tripleoclient"
+ # refs: "refs/changes/68/757868/8"
+ # version: FETCH_HEAD
diff --git a/roles-data.yaml b/roles-data.yaml
new file mode 100644
index 0000000..a9efa5f
--- /dev/null
+++ b/roles-data.yaml
@@ -0,0 +1,567 @@
+###############################################################################
+# File generated by TripleO
+###############################################################################
+###############################################################################
+# Role: Compute #
+###############################################################################
+- name: Compute
+ description: |
+ Basic Compute Node role
+ CountDefault: 1
+ # Create external Neutron bridge (unset if using ML2/OVS without DVR)
+ tags:
+ - compute
+ - external_bridge
+ networks:
+ External:
+ subnet: external_subnet
+ InternalApi:
+ subnet: internal_api_subnet
+ Storage:
+ subnet: storage_subnet
+ StorageMgmt:
+ subnet: storage_mgmt_subnet
+ Tenant:
+ subnet: tenant_subnet
+ # For systems with both IPv4 and IPv6, you may specify a gateway network for
+ # each, such as ['ControlPlane', 'External']
+ default_route_networks: ['ControlPlane', 'External']
+ HostnameFormatDefault: '%stackname%-novacompute-%index%'
+ RoleParametersDefault:
+ TunedProfileName: "virtual-host"
+ # Deprecated & backward-compatible values (FIXME: Make parameters consistent)
+ # Set uses_deprecated_params to True if any deprecated params are used.
+ # These deprecated_params only need to be used for existing roles and not for
+ # composable roles.
+ uses_deprecated_params: True
+ deprecated_param_image: 'NovaImage'
+ deprecated_param_extraconfig: 'NovaComputeExtraConfig'
+ deprecated_param_metadata: 'NovaComputeServerMetadata'
+ deprecated_param_scheduler_hints: 'NovaComputeSchedulerHints'
+ deprecated_param_ips: 'NovaComputeIPs'
+ deprecated_server_resource_name: 'NovaCompute'
+ deprecated_nic_config_name: 'compute.yaml'
+ update_serial: 25
+ ServicesDefault:
+ - OS::TripleO::Services::Aide
+ - OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::BootParams
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CephClient
+ - OS::TripleO::Services::CephExternal
+ - OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::ComputeCeilometerAgent
+ - OS::TripleO::Services::ComputeNeutronCorePlugin
+ - OS::TripleO::Services::ComputeNeutronL3Agent
+ - OS::TripleO::Services::ComputeNeutronMetadataAgent
+ - OS::TripleO::Services::ComputeNeutronOvsAgent
+ - OS::TripleO::Services::Frr
+ - OS::TripleO::Services::IpaClient
+ - OS::TripleO::Services::Ipsec
+ - OS::TripleO::Services::Iscsid
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::LoginDefs
+ - OS::TripleO::Services::MetricsQdr
+ - OS::TripleO::Services::Multipathd
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronBgpVpnBagpipe
+ - OS::TripleO::Services::NeutronLinuxbridgeAgent
+ - OS::TripleO::Services::NeutronVppAgent
+ - OS::TripleO::Services::NovaAZConfig
+ - OS::TripleO::Services::NovaCompute
+ - OS::TripleO::Services::NovaLibvirt
+ - OS::TripleO::Services::NovaLibvirtGuests
+ - OS::TripleO::Services::NovaMigrationTarget
+ - OS::TripleO::Services::ContainersLogrotateCrond
+ - OS::TripleO::Services::Podman
+ - OS::TripleO::Services::Rear
+ - OS::TripleO::Services::Rhsm
+ - OS::TripleO::Services::Rsyslog
+ - OS::TripleO::Services::RsyslogSidecar
+ - OS::TripleO::Services::Securetty
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Timesync
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
+ - OS::TripleO::Services::Vpp
+ - OS::TripleO::Services::OVNController
+ - OS::TripleO::Services::OVNMetadataAgent
+###############################################################################
+# Role: Controller #
+###############################################################################
+- name: Controller
+ description: |
+ Controller role that has all the controler services loaded and handles
+ Database, Messaging and Network functions.
+ CountDefault: 1
+ tags:
+ - primary
+ - controller
+ # Create external Neutron bridge for SNAT (and floating IPs when using
+ # ML2/OVS without DVR)
+ - external_bridge
+ networks:
+ External:
+ subnet: external_subnet
+ InternalApi:
+ subnet: internal_api_subnet
+ Storage:
+ subnet: storage_subnet
+ StorageMgmt:
+ subnet: storage_mgmt_subnet
+ Tenant:
+ subnet: tenant_subnet
+ # For systems with both IPv4 and IPv6, you may specify a gateway network for
+ # each, such as ['ControlPlane', 'External']
+ default_route_networks: ['External']
+ HostnameFormatDefault: '%stackname%-controller-%index%'
+ RoleParametersDefault:
+ OVNCMSOptions: "enable-chassis-as-gw"
+ # Deprecated & backward-compatible values (FIXME: Make parameters consistent)
+ # Set uses_deprecated_params to True if any deprecated params are used.
+ uses_deprecated_params: True
+ deprecated_param_extraconfig: 'controllerExtraConfig'
+ deprecated_param_flavor: 'OvercloudControlFlavor'
+ deprecated_param_image: 'controllerImage'
+ deprecated_nic_config_name: 'controller.yaml'
+ update_serial: 1
+ ServicesDefault:
+ - OS::TripleO::Services::Aide
+ - OS::TripleO::Services::AodhApi
+ - OS::TripleO::Services::AodhEvaluator
+ - OS::TripleO::Services::AodhListener
+ - OS::TripleO::Services::AodhNotifier
+ - OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::BarbicanApi
+ - OS::TripleO::Services::BarbicanBackendSimpleCrypto
+ - OS::TripleO::Services::BarbicanBackendDogtag
+ - OS::TripleO::Services::BarbicanBackendKmip
+ - OS::TripleO::Services::BarbicanBackendPkcs11Crypto
+ - OS::TripleO::Services::BootParams
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CeilometerAgentCentral
+ - OS::TripleO::Services::CeilometerAgentNotification
+ - OS::TripleO::Services::CephClient
+ - OS::TripleO::Services::CephExternal
+ - OS::TripleO::Services::CephGrafana
+ - OS::TripleO::Services::CephMds
+ - OS::TripleO::Services::CephMgr
+ - OS::TripleO::Services::CephMon
+ - OS::TripleO::Services::CephRbdMirror
+ - OS::TripleO::Services::CephRgw
+ - OS::TripleO::Services::CinderApi
+ - OS::TripleO::Services::CinderBackendDellSc
+ - OS::TripleO::Services::CinderBackendDellEMCPowerFlex
+ - OS::TripleO::Services::CinderBackendDellEMCPowermax
+ - OS::TripleO::Services::CinderBackendDellEMCPowerStore
+ - OS::TripleO::Services::CinderBackendDellEMCSc
+ - OS::TripleO::Services::CinderBackendDellEMCUnity
+ - OS::TripleO::Services::CinderBackendDellEMCVMAXISCSI
+ - OS::TripleO::Services::CinderBackendDellEMCVNX
+ - OS::TripleO::Services::CinderBackendDellEMCVxFlexOS
+ - OS::TripleO::Services::CinderBackendDellEMCXtremio
+ - OS::TripleO::Services::CinderBackendNetApp
+ - OS::TripleO::Services::CinderBackendPure
+ - OS::TripleO::Services::CinderBackendScaleIO
+ - OS::TripleO::Services::CinderBackendNVMeOF
+ - OS::TripleO::Services::CinderBackup
+ - OS::TripleO::Services::CinderScheduler
+ - OS::TripleO::Services::CinderVolume
+ - OS::TripleO::Services::Clustercheck
+ - OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::ContainerImagePrepare
+ - OS::TripleO::Services::DesignateApi
+ - OS::TripleO::Services::DesignateCentral
+ - OS::TripleO::Services::DesignateProducer
+ - OS::TripleO::Services::DesignateWorker
+ - OS::TripleO::Services::DesignateMDNS
+ - OS::TripleO::Services::DesignateSink
+ - OS::TripleO::Services::DesignateBind
+ - OS::TripleO::Services::Etcd
+ - OS::TripleO::Services::ExternalSwiftProxy
+ - OS::TripleO::Services::Frr
+ - OS::TripleO::Services::GlanceApi
+ - OS::TripleO::Services::GnocchiApi
+ - OS::TripleO::Services::GnocchiMetricd
+ - OS::TripleO::Services::GnocchiStatsd
+ - OS::TripleO::Services::HAproxy
+ - OS::TripleO::Services::HeatApi
+ - OS::TripleO::Services::HeatApiCloudwatch
+ - OS::TripleO::Services::HeatApiCfn
+ - OS::TripleO::Services::HeatEngine
+ - OS::TripleO::Services::Horizon
+ - OS::TripleO::Services::IpaClient
+ - OS::TripleO::Services::Ipsec
+ - OS::TripleO::Services::IronicApi
+ - OS::TripleO::Services::IronicConductor
+ - OS::TripleO::Services::IronicInspector
+ - OS::TripleO::Services::IronicPxe
+ - OS::TripleO::Services::IronicNeutronAgent
+ - OS::TripleO::Services::Iscsid
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::Keystone
+ - OS::TripleO::Services::LoginDefs
+ - OS::TripleO::Services::ManilaApi
+ - OS::TripleO::Services::ManilaBackendCephFs
+ - OS::TripleO::Services::ManilaBackendIsilon
+ - OS::TripleO::Services::ManilaBackendNetapp
+ - OS::TripleO::Services::ManilaBackendUnity
+ - OS::TripleO::Services::ManilaBackendVNX
+ - OS::TripleO::Services::ManilaBackendVMAX
+ - OS::TripleO::Services::ManilaScheduler
+ - OS::TripleO::Services::ManilaShare
+ - OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::MetricsQdr
+ - OS::TripleO::Services::MistralApi
+ - OS::TripleO::Services::MistralEngine
+ - OS::TripleO::Services::MistralExecutor
+ - OS::TripleO::Services::MistralEventEngine
+ - OS::TripleO::Services::Multipathd
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronApi
+ - OS::TripleO::Services::NeutronBgpVpnApi
+ - OS::TripleO::Services::NeutronSfcApi
+ - OS::TripleO::Services::NeutronCorePlugin
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL2gwAgent
+ - OS::TripleO::Services::NeutronL2gwApi
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronLinuxbridgeAgent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::NeutronVppAgent
+ - OS::TripleO::Services::NeutronAgentsIBConfig
+ - OS::TripleO::Services::NovaApi
+ - OS::TripleO::Services::NovaConductor
+ - OS::TripleO::Services::NovaIronic
+ - OS::TripleO::Services::NovaMetadata
+ - OS::TripleO::Services::NovaScheduler
+ - OS::TripleO::Services::NovaVncProxy
+ - OS::TripleO::Services::ContainersLogrotateCrond
+ - OS::TripleO::Services::OctaviaApi
+ - OS::TripleO::Services::OctaviaDeploymentConfig
+ - OS::TripleO::Services::OctaviaHealthManager
+ - OS::TripleO::Services::OctaviaHousekeeping
+ - OS::TripleO::Services::OctaviaWorker
+ - OS::TripleO::Services::OpenStackClients
+ - OS::TripleO::Services::OVNDBs
+ - OS::TripleO::Services::OVNController
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::PlacementApi
+ - OS::TripleO::Services::OsloMessagingRpc
+ - OS::TripleO::Services::OsloMessagingNotify
+ - OS::TripleO::Services::Podman
+ - OS::TripleO::Services::Rear
+ - OS::TripleO::Services::Redis
+ - OS::TripleO::Services::Rhsm
+ - OS::TripleO::Services::Rsyslog
+ - OS::TripleO::Services::RsyslogSidecar
+ - OS::TripleO::Services::Securetty
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::SwiftProxy
+ - OS::TripleO::Services::SwiftDispersion
+ - OS::TripleO::Services::SwiftRingBuilder
+ - OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::Timesync
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
+ - OS::TripleO::Services::Unbound
+ - OS::TripleO::Services::Vpp
+ - OS::TripleO::Services::Zaqar
+###############################################################################
+# Role: Networker #
+###############################################################################
+- name: Networker
+ description: |
+ Standalone networking role to run Neutron agents on their own.
+ networks:
+ External:
+ subnet: external_subnet
+ InternalApi:
+ subnet: internal_api_subnet
+ Storage:
+ subnet: storage_subnet
+ StorageMgmt:
+ subnet: storage_mgmt_subnet
+ Tenant:
+ subnet: tenant_subnet
+ # For systems with both IPv4 and IPv6, you may specify a gateway network for
+ # each, such as ['ControlPlane', 'External']
+ default_route_networks: ['External']
+ tags:
+ - external_bridge
+ HostnameFormatDefault: '%stackname%-networker-%index%'
+ RoleParametersDefault:
+ OVNCMSOptions: "enable-chassis-as-gw"
+ update_serial: 1
+ ServicesDefault:
+ - OS::TripleO::Services::Aide
+ - OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::BootParams
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::Frr
+ - OS::TripleO::Services::IpaClient
+ - OS::TripleO::Services::Ipsec
+ - OS::TripleO::Services::IronicNeutronAgent
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::LoginDefs
+ - OS::TripleO::Services::MetricsQdr
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::NeutronDhcpAgent
+ - OS::TripleO::Services::NeutronL2gwAgent
+ - OS::TripleO::Services::NeutronL3Agent
+ - OS::TripleO::Services::NeutronMetadataAgent
+ - OS::TripleO::Services::NeutronOvsAgent
+ - OS::TripleO::Services::NeutronVppAgent
+ - OS::TripleO::Services::ContainersLogrotateCrond
+ - OS::TripleO::Services::OctaviaDeploymentConfig
+ - OS::TripleO::Services::OctaviaHealthManager
+ - OS::TripleO::Services::OctaviaHousekeeping
+ - OS::TripleO::Services::OctaviaWorker
+ - OS::TripleO::Services::OVNController
+ - OS::TripleO::Services::Podman
+ - OS::TripleO::Services::Rear
+ - OS::TripleO::Services::Rhsm
+ - OS::TripleO::Services::Rsyslog
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Timesync
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
+###############################################################################
+# Role: BlockStorage #
+###############################################################################
+- name: BlockStorage
+ description: |
+ Cinder Block Storage node role
+ tags:
+ - storage
+ networks:
+ External:
+ subnet: external_subnet
+ InternalApi:
+ subnet: internal_api_subnet
+ Storage:
+ subnet: storage_subnet
+ StorageMgmt:
+ subnet: storage_mgmt_subnet
+ Tenant:
+ subnet: tenant_subnet
+ # For systems with both IPv4 and IPv6, you may specify a gateway network for
+ # each, such as ['ControlPlane', 'External']
+ default_route_networks: ['External']
+ uses_deprecated_params: False
+ deprecated_nic_config_name: 'cinder-storage.yaml'
+ update_serial: 25
+ ServicesDefault:
+ - OS::TripleO::Services::Aide
+ - OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::BlockStorageCinderVolume
+ - OS::TripleO::Services::BootParams
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::Frr
+ - OS::TripleO::Services::IpaClient
+ - OS::TripleO::Services::Ipsec
+ - OS::TripleO::Services::Iscsid
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::LoginDefs
+ - OS::TripleO::Services::MetricsQdr
+ - OS::TripleO::Services::Multipathd
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::ContainersLogrotateCrond
+ - OS::TripleO::Services::Podman
+ - OS::TripleO::Services::Rear
+ - OS::TripleO::Services::Rhsm
+ - OS::TripleO::Services::Rsyslog
+ - OS::TripleO::Services::RsyslogSidecar
+ - OS::TripleO::Services::Securetty
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Timesync
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
+###############################################################################
+# Role: Database #
+###############################################################################
+- name: Database
+ description: |
+ Standalone database role with the database being managed via Pacemaker
+ networks:
+ External:
+ subnet: external_subnet
+ InternalApi:
+ subnet: internal_api_subnet
+ Storage:
+ subnet: storage_subnet
+ StorageMgmt:
+ subnet: storage_mgmt_subnet
+ Tenant:
+ subnet: tenant_subnet
+ # For systems with both IPv4 and IPv6, you may specify a gateway network for
+ # each, such as ['ControlPlane', 'External']
+ default_route_networks: ['External']
+ HostnameFormatDefault: '%stackname%-database-%index%'
+ update_serial: 1
+ ServicesDefault:
+ - OS::TripleO::Services::Aide
+ - OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::BootParams
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::Clustercheck
+ - OS::TripleO::Services::Frr
+ - OS::TripleO::Services::IpaClient
+ - OS::TripleO::Services::Ipsec
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::LoginDefs
+ - OS::TripleO::Services::MetricsQdr
+ - OS::TripleO::Services::MySQL
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::ContainersLogrotateCrond
+ - OS::TripleO::Services::Pacemaker
+ - OS::TripleO::Services::Podman
+ - OS::TripleO::Services::Rear
+ - OS::TripleO::Services::Rhsm
+ - OS::TripleO::Services::Rsyslog
+ - OS::TripleO::Services::RsyslogSidecar
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Timesync
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
+###############################################################################
+# Role: ObjectStorage #
+###############################################################################
+- name: ObjectStorage
+ description: |
+ Swift Object Storage node role
+ tags:
+ - storage
+ networks:
+ External:
+ subnet: external_subnet
+ InternalApi:
+ subnet: internal_api_subnet
+ Storage:
+ subnet: storage_subnet
+ StorageMgmt:
+ subnet: storage_mgmt_subnet
+ Tenant:
+ subnet: tenant_subnet
+ # For systems with both IPv4 and IPv6, you may specify a gateway network for
+ # each, such as ['ControlPlane', 'External']
+ default_route_networks: ['External']
+ # Deprecated & backward-compatible values (FIXME: Make parameters consistent)
+ # Set uses_deprecated_params to True if any deprecated params are used.
+ uses_deprecated_params: True
+ deprecated_param_metadata: 'SwiftStorageServerMetadata'
+ deprecated_param_ips: 'SwiftStorageIPs'
+ deprecated_param_image: 'SwiftStorageImage'
+ deprecated_param_flavor: 'OvercloudSwiftStorageFlavor'
+ deprecated_nic_config_name: 'swift-storage.yaml'
+ deprecated_server_resource_name: 'SwiftStorage'
+ # SwiftStorage present so serial has to be 1
+ update_serial: 1
+ ServicesDefault:
+ - OS::TripleO::Services::Aide
+ - OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::BootParams
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::Frr
+ - OS::TripleO::Services::IpaClient
+ - OS::TripleO::Services::Ipsec
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::LoginDefs
+ - OS::TripleO::Services::MetricsQdr
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::ContainersLogrotateCrond
+ - OS::TripleO::Services::Podman
+ - OS::TripleO::Services::Rear
+ - OS::TripleO::Services::Rhsm
+ - OS::TripleO::Services::Rsyslog
+ - OS::TripleO::Services::RsyslogSidecar
+ - OS::TripleO::Services::Securetty
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::SwiftRingBuilder
+ - OS::TripleO::Services::SwiftStorage
+ - OS::TripleO::Services::Timesync
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
+ - OS::TripleO::Services::Ptp
+###############################################################################
+# Role: CephAll #
+###############################################################################
+- name: CephAll
+ description: |
+ Standalone Storage Full Role (OSD + MON + RGW + MDS + MGR + RBD Mirroring)
+ tags:
+ - ceph
+ - storage
+ networks:
+ External:
+ subnet: external_subnet
+ InternalApi:
+ subnet: internal_api_subnet
+ Storage:
+ subnet: storage_subnet
+ StorageMgmt:
+ subnet: storage_mgmt_subnet
+ Tenant:
+ subnet: tenant_subnet
+ # For systems with both IPv4 and IPv6, you may specify a gateway network for
+ # each, such as ['ControlPlane', 'External']
+ default_route_networks: ['External']
+ HostnameFormatDefault: '%stackname%-ceph-all-%index%'
+ # CephOSD present so serial has to be 1
+ update_serial: 1
+ ServicesDefault:
+ - OS::TripleO::Services::Aide
+ - OS::TripleO::Services::AuditD
+ - OS::TripleO::Services::BootParams
+ - OS::TripleO::Services::CACerts
+ - OS::TripleO::Services::CephGrafana
+ - OS::TripleO::Services::CephMds
+ - OS::TripleO::Services::CephMgr
+ - OS::TripleO::Services::CephMon
+ - OS::TripleO::Services::CephRbdMirror
+ - OS::TripleO::Services::CephRgw
+ - OS::TripleO::Services::CephOSD
+ - OS::TripleO::Services::Collectd
+ - OS::TripleO::Services::Frr
+ - OS::TripleO::Services::IpaClient
+ - OS::TripleO::Services::Ipsec
+ - OS::TripleO::Services::Kernel
+ - OS::TripleO::Services::LoginDefs
+ - OS::TripleO::Services::MetricsQdr
+ - OS::TripleO::Services::MySQLClient
+ - OS::TripleO::Services::ContainersLogrotateCrond
+ - OS::TripleO::Services::Podman
+ - OS::TripleO::Services::Rhsm
+ - OS::TripleO::Services::Rsyslog
+ - OS::TripleO::Services::RsyslogSidecar
+ - OS::TripleO::Services::Securetty
+ - OS::TripleO::Services::Snmp
+ - OS::TripleO::Services::Sshd
+ - OS::TripleO::Services::Timesync
+ - OS::TripleO::Services::Timezone
+ - OS::TripleO::Services::TripleoFirewall
+ - OS::TripleO::Services::TripleoPackages
+ - OS::TripleO::Services::Tuned
\ No newline at end of file
diff --git a/workarounds/00-podman-downgrade.sh b/workarounds/00-podman-downgrade.sh
new file mode 100644
index 0000000..50b5647
--- /dev/null
+++ b/workarounds/00-podman-downgrade.sh
@@ -0,0 +1,4 @@
+dnf -y remove podman
+dnf -y module reset container-tools
+dnf -y module enable container-tools:3.0
+dnf -y install podman
diff --git a/x b/x
deleted file mode 100644
index c1b0730..0000000
--- a/x
+++ /dev/null
@@ -1 +0,0 @@
-x
\ No newline at end of file
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment