summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLucas Alvares Gomes <lucasagomes@gmail.com>2016-11-18 11:11:43 +0000
committerLucas Alvares Gomes <lucasagomes@gmail.com>2016-12-19 11:37:29 +0000
commitc8c6e57ca2aad70c859505e02213ddfe40223e19 (patch)
treed3c46d2017f1e4525c9d68f8441fea05b28c9bf4
parent2d42633a434afcaae41cfb5131ad0e4dfae7ddc3 (diff)
VirtualBMC support for tripleo-quickstart
This patch is replacing the usage of the pxe_ssh driver in Ironic in favor of pxe_ipmitool + VirtualBMC*. The main reason for this patch is because the pxe_ssh driver is already marked as unsupported and will be removed from Ironic upstream at the end of the Ocata release. Older releases: Liberty, Mitaka and Newton will continue to rely on the pxe_ssh driver. * VirtualBMC is a proxy that converts IPMI commands to libvirt calls Partial-Bug: #1645733 Change-Id: Iaaa9fc1fd593cbce045456f4341c461a8eea82ad
Notes
Notes (review): Code-Review+2: John Trowbridge <trown@redhat.com> Workflow+1: John Trowbridge <trown@redhat.com> Verified+2: Jenkins Submitted-by: Jenkins Submitted-at: Mon, 19 Dec 2016 14:14:40 +0000 Reviewed-on: https://review.openstack.org/399704 Project: openstack/tripleo-quickstart Branch: refs/heads/master
-rw-r--r--config/general_config/ceph.yml3
-rw-r--r--config/general_config/ha.yml6
-rw-r--r--config/general_config/ha_big.yml10
-rw-r--r--config/general_config/minimal.yml2
-rw-r--r--config/general_config/minimal_no_netiso.yml2
-rw-r--r--config/general_config/minimal_pacemaker.yml2
-rw-r--r--roles/common/defaults/main.yml4
-rw-r--r--roles/libvirt/setup/overcloud/templates/instackenv.json.j216
-rw-r--r--roles/libvirt/setup/undercloud/tasks/main.yml22
-rw-r--r--roles/provision/defaults/main.yml4
-rw-r--r--roles/provision/remote/tasks/main.yml9
-rw-r--r--roles/tripleo/undercloud/tasks/post-install.yml47
12 files changed, 118 insertions, 9 deletions
diff --git a/config/general_config/ceph.yml b/config/general_config/ceph.yml
index 621b8af..22dbf44 100644
--- a/config/general_config/ceph.yml
+++ b/config/general_config/ceph.yml
@@ -4,12 +4,15 @@
4overcloud_nodes: 4overcloud_nodes:
5 - name: control_0 5 - name: control_0
6 flavor: control 6 flavor: control
7 virtualbmc_port: 6230
7 8
8 - name: compute_0 9 - name: compute_0
9 flavor: compute 10 flavor: compute
11 virtualbmc_port: 6231
10 12
11 - name: ceph_0 13 - name: ceph_0
12 flavor: ceph 14 flavor: ceph
15 virtualbmc_port: 6232
13 16
14# Tell tripleo how we want things done. 17# Tell tripleo how we want things done.
15extra_args: >- 18extra_args: >-
diff --git a/config/general_config/ha.yml b/config/general_config/ha.yml
index c97e141..597b574 100644
--- a/config/general_config/ha.yml
+++ b/config/general_config/ha.yml
@@ -24,13 +24,19 @@ undercloud_generate_service_certificate: True
24overcloud_nodes: 24overcloud_nodes:
25 - name: control_0 25 - name: control_0
26 flavor: control 26 flavor: control
27 virtualbmc_port: 6230
28
27 - name: control_1 29 - name: control_1
28 flavor: control 30 flavor: control
31 virtualbmc_port: 6231
32
29 - name: control_2 33 - name: control_2
30 flavor: control 34 flavor: control
35 virtualbmc_port: 6232
31 36
32 - name: compute_0 37 - name: compute_0
33 flavor: compute 38 flavor: compute
39 virtualbmc_port: 6233
34 40
35# We don't need introspection in a virtual environment (because we are 41# We don't need introspection in a virtual environment (because we are
36# creating all the "hardware" we really know the necessary 42# creating all the "hardware" we really know the necessary
diff --git a/config/general_config/ha_big.yml b/config/general_config/ha_big.yml
index 656aab9..963683c 100644
--- a/config/general_config/ha_big.yml
+++ b/config/general_config/ha_big.yml
@@ -21,17 +21,27 @@ default_vcpu: 1
21overcloud_nodes: 21overcloud_nodes:
22 - name: control_0 22 - name: control_0
23 flavor: control 23 flavor: control
24 virtualbmc_port: 6230
25
24 - name: control_1 26 - name: control_1
25 flavor: control 27 flavor: control
28 virtualbmc_port: 6231
29
26 - name: control_2 30 - name: control_2
27 flavor: control 31 flavor: control
32 virtualbmc_port: 6232
28 33
29 - name: compute_0 34 - name: compute_0
30 flavor: compute 35 flavor: compute
36 virtualbmc_port: 6233
37
31 - name: compute_1 38 - name: compute_1
32 flavor: compute 39 flavor: compute
40 virtualbmc_port: 6234
41
33 - name: compute_2 42 - name: compute_2
34 flavor: compute 43 flavor: compute
44 virtualbmc_port: 6235
35 45
36# We don't need introspection in a virtual environment (because we are 46# We don't need introspection in a virtual environment (because we are
37# creating all the "hardware" we really know the necessary 47# creating all the "hardware" we really know the necessary
diff --git a/config/general_config/minimal.yml b/config/general_config/minimal.yml
index ab51bb0..75c9a37 100644
--- a/config/general_config/minimal.yml
+++ b/config/general_config/minimal.yml
@@ -7,9 +7,11 @@ step_introspect: true
7overcloud_nodes: 7overcloud_nodes:
8 - name: control_0 8 - name: control_0
9 flavor: control 9 flavor: control
10 virtualbmc_port: 6230
10 11
11 - name: compute_0 12 - name: compute_0
12 flavor: compute 13 flavor: compute
14 virtualbmc_port: 6231
13 15
14# Tell tripleo how we want things done. 16# Tell tripleo how we want things done.
15extra_args: >- 17extra_args: >-
diff --git a/config/general_config/minimal_no_netiso.yml b/config/general_config/minimal_no_netiso.yml
index c6386bf..614a5e7 100644
--- a/config/general_config/minimal_no_netiso.yml
+++ b/config/general_config/minimal_no_netiso.yml
@@ -6,9 +6,11 @@ step_introspect: true
6overcloud_nodes: 6overcloud_nodes:
7 - name: control_0 7 - name: control_0
8 flavor: control 8 flavor: control
9 virtualbmc_port: 6230
9 10
10 - name: compute_0 11 - name: compute_0
11 flavor: compute 12 flavor: compute
13 virtualbmc_port: 6231
12 14
13network_isolation: false 15network_isolation: false
14 16
diff --git a/config/general_config/minimal_pacemaker.yml b/config/general_config/minimal_pacemaker.yml
index 671fcf1..e84d407 100644
--- a/config/general_config/minimal_pacemaker.yml
+++ b/config/general_config/minimal_pacemaker.yml
@@ -5,9 +5,11 @@
5overcloud_nodes: 5overcloud_nodes:
6 - name: control_0 6 - name: control_0
7 flavor: control 7 flavor: control
8 virtualbmc_port: 6230
8 9
9 - name: compute_0 10 - name: compute_0
10 flavor: compute 11 flavor: compute
12 virtualbmc_port: 6231
11 13
12# Tell tripleo how we want things done. 14# Tell tripleo how we want things done.
13extra_args: >- 15extra_args: >-
diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml
index 6d136b9..e87f0f6 100644
--- a/roles/common/defaults/main.yml
+++ b/roles/common/defaults/main.yml
@@ -152,3 +152,7 @@ devmode: false
152 152
153# Tuned profile set while provisioning remote hosts to optimize for deployment 153# Tuned profile set while provisioning remote hosts to optimize for deployment
154tuned_profile: 'virtual-host' 154tuned_profile: 'virtual-host'
155
156# This is the name of the user the `provision` role will create on the
157# remote host.
158non_root_user: stack
diff --git a/roles/libvirt/setup/overcloud/templates/instackenv.json.j2 b/roles/libvirt/setup/overcloud/templates/instackenv.json.j2
index be2c580..111fe8c 100644
--- a/roles/libvirt/setup/overcloud/templates/instackenv.json.j2
+++ b/roles/libvirt/setup/overcloud/templates/instackenv.json.j2
@@ -6,8 +6,18 @@
6 {% for node in overcloud_nodes %} 6 {% for node in overcloud_nodes %}
7 { 7 {
8 "name": "{{ node.name|replace('_', '-') }}", 8 "name": "{{ node.name|replace('_', '-') }}",
9 "pm_password": {{ virt_power_key_pvt | to_nice_json }}, 9 {% if release in ['liberty', 'mitaka', 'newton' ] %}
10 "pm_type": "pxe_ssh", 10 "pm_password": {{ virt_power_key_pvt | to_nice_json }},
11 "pm_type": "pxe_ssh",
12 "pm_user": "{{ ansible_user_id }}",
13 "pm_addr": "{{ host_ip }}",
14 {% else %}
15 "pm_password": "password",
16 "pm_type": "pxe_ipmitool",
17 "pm_user": "admin",
18 "pm_addr": "127.0.0.1",
19 "pm_port": "{{ node.virtualbmc_port }}",
20 {% endif %}
11 "mac": [ 21 "mac": [
12 "{{ node_mac_map.get(node.name).get('overcloud') }}" 22 "{{ node_mac_map.get(node.name).get('overcloud') }}"
13 ], 23 ],
@@ -15,8 +25,6 @@
15 "memory": "{{ flavors[node.flavor].memory }}", 25 "memory": "{{ flavors[node.flavor].memory }}",
16 "disk": "{{ flavors[node.flavor].disk }}", 26 "disk": "{{ flavors[node.flavor].disk }}",
17 "arch": "{{ libvirt_arch }}", 27 "arch": "{{ libvirt_arch }}",
18 "pm_user": "{{ ansible_user_id }}",
19 "pm_addr": "{{ host_ip }}",
20 "capabilities": "profile:{{ node.flavor }},boot_option:local" 28 "capabilities": "profile:{{ node.flavor }},boot_option:local"
21 } 29 }
22 {% if not loop.last %} 30 {% if not loop.last %}
diff --git a/roles/libvirt/setup/undercloud/tasks/main.yml b/roles/libvirt/setup/undercloud/tasks/main.yml
index 3d9ec49..e41f76e 100644
--- a/roles/libvirt/setup/undercloud/tasks/main.yml
+++ b/roles/libvirt/setup/undercloud/tasks/main.yml
@@ -86,6 +86,14 @@
86 src: "{{ undercloud_key }}.pub" 86 src: "{{ undercloud_key }}.pub"
87 dest: "{{ working_dir }}/id_rsa_undercloud.pub" 87 dest: "{{ working_dir }}/id_rsa_undercloud.pub"
88 88
89 # Copy the virt host private key to `$HOME/.ssh/id_rsa_virt_power` for
90 # VirtualBMC be able to access the hypervisor where the VMs are located
91 - name: Copy virt host ssh private key to working dir
92 when: release not in ['liberty', 'mitaka', 'newton']
93 copy:
94 src: "{{ virt_power_key }}"
95 dest: "{{ working_dir }}/id_rsa_virt_power"
96
89 # Copy the public key to `$HOME/.ssh/authorized_keys` for the `root` 97 # Copy the public key to `$HOME/.ssh/authorized_keys` for the `root`
90 # and `stack` user on the undercloud. 98 # and `stack` user on the undercloud.
91 - name: Inject undercloud ssh public key to appliance 99 - name: Inject undercloud ssh public key to appliance
@@ -106,6 +114,19 @@
106 owner: stack 114 owner: stack
107 group: stack 115 group: stack
108 116
117 # This copies the `id_rsa_virt_power` private key that we generated
118 # in the overcloud setup role to the undercloud host to be used by
119 # VirtualBMC+libvirt to access the virthost.
120 - name: Copy id_rsa_virt_power to appliance
121 when: release not in ['liberty', 'mitaka', 'newton']
122 command: >
123 virt-customize -a {{ working_dir }}/undercloud.qcow2
124 --upload '{{ working_dir }}/id_rsa_virt_power:/root/.ssh/id_rsa_virt_power'
125 --run-command 'chown root:root /root/.ssh/id_rsa_virt_power'
126 --run-command 'chmod 0600 /root/.ssh/id_rsa_virt_power'
127 environment:
128 LIBGUESTFS_BACKEND: direct
129
109 - name: Create undercloud customize script 130 - name: Create undercloud customize script
110 template: 131 template:
111 src: "{{ undercloud_customize_script }}" 132 src: "{{ undercloud_customize_script }}"
@@ -308,4 +329,3 @@
308 template: 329 template:
309 src: ssh.config.j2 330 src: ssh.config.j2
310 dest: "{{ local_working_dir }}/ssh.config.ansible" 331 dest: "{{ local_working_dir }}/ssh.config.ansible"
311
diff --git a/roles/provision/defaults/main.yml b/roles/provision/defaults/main.yml
index 667f93c..2043204 100644
--- a/roles/provision/defaults/main.yml
+++ b/roles/provision/defaults/main.yml
@@ -1,7 +1,3 @@
1# This is the name of the user the `provision` role will create on the
2# remote host.
3non_root_user: stack
4
5# The path to an ssh key (that we will generate) that can be used to 1# The path to an ssh key (that we will generate) that can be used to
6# log in to the virt host. 2# log in to the virt host.
7virt_host_key: "{{ local_working_dir }}/id_rsa_virt_host" 3virt_host_key: "{{ local_working_dir }}/id_rsa_virt_host"
diff --git a/roles/provision/remote/tasks/main.yml b/roles/provision/remote/tasks/main.yml
index 2389250..545ae33 100644
--- a/roles/provision/remote/tasks/main.yml
+++ b/roles/provision/remote/tasks/main.yml
@@ -40,6 +40,15 @@
40 shell: /bin/bash 40 shell: /bin/bash
41 become: true 41 become: true
42 42
43- name: Get the non-root user UID
44 command: "id {{ non_root_user }} -u"
45 register: non_root_user_uid_output
46 changed_when: false
47
48- name: Save the non-root user UID
49 set_fact:
50 non_root_user_uid: "{{ non_root_user_uid_output.stdout }}"
51
43# Install the public component of `virt_host_key` in the 52# Install the public component of `virt_host_key` in the
44# `.ssh/authorized_keys` file for the non-root user. 53# `.ssh/authorized_keys` file for the non-root user.
45- name: Configure non-root user authorized_keys 54- name: Configure non-root user authorized_keys
diff --git a/roles/tripleo/undercloud/tasks/post-install.yml b/roles/tripleo/undercloud/tasks/post-install.yml
index a5fb589..57f3908 100644
--- a/roles/tripleo/undercloud/tasks/post-install.yml
+++ b/roles/tripleo/undercloud/tasks/post-install.yml
@@ -24,3 +24,50 @@
24 dest: "{{ local_working_dir }}/stackrc" 24 dest: "{{ local_working_dir }}/stackrc"
25 line: "export OS_PASSWORD={{ undercloud_admin_password.stdout }}" 25 line: "export OS_PASSWORD={{ undercloud_admin_password.stdout }}"
26 regexp: "OS_PASSWORD" 26 regexp: "OS_PASSWORD"
27
28- name: Install VirtualBMC package
29 when: release not in ['liberty', 'mitaka', 'newton']
30 package:
31 name: "python2-virtualbmc"
32 state: present
33 use: yum
34 become: true
35
36- name: Create the Virtual BMCs
37 when: release not in ['liberty', 'mitaka', 'newton']
38 command: >
39 vbmc add {{item.name}} --port {{item.virtualbmc_port}} --libvirt-uri "qemu+ssh://{{ non_root_user }}@{{ networks[0].address }}/session?socket=/run/user/{{ hostvars[groups['virthost'][0]].non_root_user_uid }}/libvirt/libvirt-sock&keyfile=/root/.ssh/id_rsa_virt_power&no_verify=1&no_tty=1"
40 with_items: "{{ overcloud_nodes }}"
41 become: true
42 become_user: root
43 changed_when: false
44
45# TODO(lucasagomes): The service file should be included in the
46# virtualbmc RPM package.
47- name: Create the VirtualBMC systemd service
48 when: release not in ['liberty', 'mitaka', 'newton']
49 copy:
50 mode: 0664
51 dest: "/usr/lib/systemd/system/virtualbmc.service"
52 content: |
53 [Unit]
54 Description=VirtualBMC service
55 After=network.target
56
57 [Service]
58 Type=oneshot
59 ExecStart=/bin/bash -c 'for bmc in $(ls /root/.vbmc/); do vbmc start $bmc; done'
60 ExecStop=/bin/bash -c 'for bmc in $(ls /root/.vbmc/); do vbmc stop $bmc; done'
61 RemainAfterExit=yes
62
63 [Install]
64 WantedBy=multi-user.target
65 become: true
66
67- name: Start the Virtual BMCs
68 when: release not in ['liberty', 'mitaka', 'newton']
69 service:
70 name: virtualbmc
71 state: started
72 enabled: true
73 become: true