OpenStack Ansible Installation, Part 1

OpenStack Ansible Queens on CentOS 7

Table of Contents

As I’ve been doing this other work, I’ve been reading about OpenStack and watching video presentations, and I deployed an AiO OpenStack VM with RDO. As things have progressed, I’ve encountered more and more ways in which Proxmox is deficient as a platform for automation.

I decided that if I’m going to suffer endlessly at getting something to work, it should be something worthwhile like OpenStack. So here we are.

Click here for this post’s git commit.

Overview

Since I’ve got three bare metal hosts, I’m following the OpenStack Ansible deployment guide and using their test config as a template.

OSA recommends deploying a lab environment from the infra node.

My storage node was installed with 70GB available on /, and a cinder-volumes LVM thin vg.

Inventory

I follow the openstack naming convention for my hosts. Since they’re my only bare metal, they’ll be the time servers.

[openstacknodes]
infra.lan.nathancurry.com
compute.lan.nathancurry.com
storage.lan.nathancurry.com

[timeservers:children]
openstacknodes

groupvars

Since I’m using the stack user for my OpenStack node administration, I added default user variables for my sshenableuser role

#groupvars/all
user: nc

#groupvars/openstacknodes
user: stack

hostvars

All I do here is set the deployhost for a more concise role

# hostvars/infra.lan.nathancurry.com
deployhost: 'yes'

Playbook

This doesn’t cover setting up the network yet, only preparing the nodes.

##init-osa.yml

This allows user login via SSH, sets up time, and applies the initial OpenStack Ansible config.

---
- name: set up user ssh
  hosts: openstacknodes
  user: root
  become: true

  vars_files:
    - ~/0/vault/secrets.yml

  roles:
  - sshenableuser

- name: init OpenStack Ansible hosts
  hosts: openstacknodes
  user: stack
  become: true

  vars_files:
    - ~/0/vault/secrets.yml

  roles:
    - chronyserver
    - osapreparenode

roles/osapreparenode

This role applies all the changes listed for the deploy host and target hosts for OpenStack Ansible Queens

vars/main.yml

Here I set the packages as indicated

---
deploypackages:
  - git
  - python-devel
  - '@Development Tools'

nodepackages:
  - bridge-utils
  - iputils
  - lsof
  - lvm2
  - chrony
  - openssh-server
  - sudo
  - python

UPDATE: During deployment, a script failed due to policycoreutils-python not being installed. I would be advisable to include it in nodepackages

tasks/main.yml

This is the main tasks list. It checks for a deployhost, and conditionally loads the relevant tasks file.

# main.yml
---
- name: install packages
  yum:
    name: "{{ nodepackages }}"
    state: present
    update_cache: yes

- name: Include deployhost tasks.
  import_tasks: deployhost.yml
  when: deployhost is defined

- name: load modules at boot
  copy:
    src: openstack-ansible.conf
    dest: /etc/modules-load.d/openstack-ansible.conf
    owner: root
    group: root
    mode: 0644

- name: lower kernel logging level
  lineinfile:
    line: "kernel.printk='4 1 7 4'"
    insertafter: EOF
    path: /etc/sysctl.conf
    state: present

- name: stop and mask firewall
  systemd:
    name: firewalld
    state: stopped
    masked: yes

tasks/deployhost.yml

This is the special steps for the deploy host:

---
- name: install rdo-release
  yum:
    name: 'https://rdoproject.org/repos/openstack-queens/rdo-release-queens.rpm'
    state: present

- name: install packages on deployhost
  yum:
    name: "{{ deploypackages }}"
    state: present

- name: install deploy key on deployhost
  blockinfile:
    block: "{{ id_ed25519_private }}"
    create: yes
    mode: 0600
    owner: "root"
    group: "root"
    path: "/root/.ssh/id_ed25519"

- name: make osa dir
  file:
    path: /opt/openstack-ansible
    owner: "{{ user }}"
    group: "{{ user }}"
    mode: 0750
    state: directory

- name: git
  git:
    dest: /opt/openstack-ansible
    repo: https://git.openstack.org/openstack/openstack-ansible
    version: 17.1.0

- name: bootstrap ansible
  command: './scripts/bootstrap-ansible.sh'
  args:
    chdir: /opt/openstack-ansible

Conclusion

Now that my hosts are ready to go, I can dig in to the network configuration. That’ll be part 2.

Click here for this post’s git commit.