Red Hat have been pushing its automated installation of OpenStack with Director based on TripleO concept over the last years. Many Telcos are adopting this concept for the flexibility and agility that automation brings. This post called “Director OSP 16.1 install short version” is a sort of summary of what I did in my lab installing director and can help you out as a reference for your installation.
TripleO is an OpenStack project that aims to utilize OpenStack itself as the foundations for deploying OpenStack. To clarify, TripleO advocates the use of native OpenStack components, and their respective API’s to configure, deploy, and manage OpenStack environments itself. Undercloud is the OpenStack component that install the actual OpenStack called Overcloud. Containers are also a key component of this architecture.
Director OSP 16.1 install short version: High level view of TripleO (Source: Red Hat)
Before anything, you will need a valid account in Red Hat Customer Portal, where you can use a valid subscription pool. If you don’t have, or you don’t know what I am saying. Stop here!
My topology is very simple: One undercloud server and one overcloud controller. Both in KVM. KVM Hosts is using Centos 7.6 and undercloud requires RHEL 8.2 for director v16.1.
Creating undercloud instance
I’ve install the undercloud server using the “rhel-8.2-x86_64-dvd.iso” and qcow2 image of 200G. I have defined the server using osp16.1_undercloud.xml
We have two linux bridges: brData and brMgt. Both bridged to different vlans in the same physical interface. brData is in the 10.5.21.0/24 network and have direct access to Internet. Anything else it’s very common. VNC port will be on 5910 tcp.
# Log into the KVM host sudo mkdir /var/lib/libvirt/images/director sudo qemu-img create -f qcow2 /var/lib/libvirt/images/director/rhel82-osp16.1_undercloud_200G.qcow2 200G sudo chown qemu:qemu /var/lib/libvirt/images/director/rhel82-osp16.1_undercloud_200G.qcow2 curl https://github.com/cloud-native-everything/osp16.1-undercloud-resources/blob/main/osp16.1_undercloud.xml -o osp16.1_undercloud.xml #Do adjustments in the XML file depending of your conditions sudo virsh define osp16.1_undercloud.xml sudo virsh start osp16.1_undercloud.xml
You will need to access via VNC. I am using VNC Real client in my mac for this. The port I have is 5910 tcp in the KVM host. However, because I don’t have direct access, I will create a tunnel with ssh from a port of the the same number in my laptop:
ssh -L 5901:localhost:5901 root@kvmhost.lab.net
Now, I only need to open my VNC real and use my local address at port 5910. When you get access to the display of the installation. Just follow the steps. In my case I leave the auto-configuration of the disk that gave me 140GB in the home folder. Enough for the requirements that I have for undercloud.
After the installation. My undercloud server got the following
#my disk configuration
[stack@undercloud ~]$ df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 12G 0 12G 0% /dev
tmpfs 12G 168K 12G 1% /dev/shm
tmpfs 12G 18M 12G 1% /run
tmpfs 12G 0 12G 0% /sys/fs/cgroup
/dev/mapper/rhel-root 50G 16G 35G 32% /
/dev/vda1 1014M 305M 710M 31% /boot
/dev/mapper/rhel-home 138G 1.1G 137G 1% /home
tmpfs 2.4G 4.0K 2.4G 1% /run/user/0
tmpfs 500M 48M 453M 10% /var/log/heat-launcher
#my network
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 52:54:00:e4:70:3b brd ff:ff:ff:ff:ff:ff
inet 10.5.21.150/24 brd 10.5.21.255 scope global dynamic noprefixroute ens3
valid_lft 557sec preferred_lft 557sec
inet6 fe80::f705:963b:1499:3c8c/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: ens6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master ovs-system state UP group default qlen 1000
link/ether 52:54:00:e4:71:3b brd ff:ff:ff:ff:ff:ff
inet6 fe80::5054:ff:fee4:713b/64 scope link
valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:21:93:6d brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
It’s time to prepare our undercloud
Preparing Undercloud
To prepare undercloud you can follow the official documentation for this OSP release. In my case what I did was the following
# Log as root user useradd stack passwd stack # set the password # Disable password requirements when using sudo echo "stack ALL=(root) NOPASSWD:ALL" | tee -a /etc/sudoers.d/stack chmod 0440 /etc/sudoers.d/stack # START session as STACK USER su - stack mkdir ~/images mkdir ~/templates # Important set the hostname in your server sudo hostname set-hostname undercloud.lab.net # Also add this line to /etc/hosts sudo echo "10.5.21.150 undercloud.lab.net undercloud" >> /etc/hosts
Preparing Undercloud: Registering and attaching subscriptions
Before you can install director, you must run subscription-manager to register the undercloud and attach a valid Red Hat OpenStack Platform subscription.
# Assuming you're still logged as stack user
sudo subscription-manager register
sudo subscription-manager list --available --all --matches="Red Hat OpenStack"
#You will see an uotput like
Subscription Name: Name of SKU
Provides: Red Hat Single Sign-On
Red Hat Enterprise Linux Workstation
Red Hat CloudForms
Red Hat OpenStack
Red Hat Software Collections (for RHEL Workstation)
Red Hat Virtualization
SKU: SKU-Number
Contract: Contract-Number
Pool ID: AE4FE5BA4563EA66
Provides Management: Yes
Available: 1
Suggested: 1
Service Level: Support-level
Service Type: Service-Type
Subscription Type: Sub-type
Ends: End-date
System Type: Physical
# Pick one of the pool ID (i.e. AE4FE5BA4563EA66 ) and attach it to your subscription
sudo subscription-manager attach --pool=AE4FE5BA4563EA66
Lock the undercloud to Red Hat Enterprise Linux 8.2
sudo subscription-manager release --set=8.2
Preparing Undercloud: Enabling repositories
Disable all default repositories, and enable the required Red Hat Enterprise Linux repositories and setting required versions for container-tools and virt.
# disabling all default repos: sudo subscription-manager repos --disable=* # Enable the required Red Hat Enterprise Linux repositories: sudo subscription-manager repos --enable=rhel-8-for-x86_64-baseos-eus-rpms --enable=rhel-8-for-x86_64-appstream-eus-rpms --enable=rhel-8-for-x86_64-highavailability-eus-rpms --enable=ansible-2.9-for-rhel-8-x86_64-rpms --enable=openstack-16.1-for-rhel-8-x86_64-rpms --enable=fast-datapath-for-rhel-8-x86_64-rpms --enable=advanced-virt-for-rhel-8-x86_64-rpms # Setting container-tools to version 2.0 sudo dnf module disable -y container-tools:rhel8 sudo dnf module enable -y container-tools:2.0 # Setting virt version to 8.2 sudo dnf module disable -y virt:rhel sudo dnf module enable -y virt:8.2 # Perform an update on your system to ensure that you have the latest base system packages sudo dnf update -y sudo reboot
Install the the required tools for director
sudo dnf install -y python3-tripleoclient
If you need Ceph packages, or set a proxy or specific env variables, check the official documentation for this OSP release.
Create the default container image preparation file:
openstack tripleo container image prepare default \ --local-push-destination \ --output-env-file containers-prepare-parameter.yaml
This is what I had in my case in the containers-prepare-parameter.yaml after adding to this default list the security credentials:
parameter_defaults:
ContainerImagePrepare:
- push_destination: true
set:
ceph_alertmanager_image: ose-prometheus-alertmanager
ceph_alertmanager_namespace: registry.redhat.io/openshift4
ceph_alertmanager_tag: 4.1
ceph_grafana_image: rhceph-4-dashboard-rhel8
ceph_grafana_namespace: registry.redhat.io/rhceph
ceph_grafana_tag: 4
ceph_image: rhceph-4-rhel8
ceph_namespace: registry.redhat.io/rhceph
ceph_node_exporter_image: ose-prometheus-node-exporter
ceph_node_exporter_namespace: registry.redhat.io/openshift4
ceph_node_exporter_tag: v4.1
ceph_prometheus_image: ose-prometheus
ceph_prometheus_namespace: registry.redhat.io/openshift4
ceph_prometheus_tag: 4.1
ceph_tag: latest
name_prefix: openstack-
name_suffix: ''
namespace: registry.redhat.io/rhosp-rhel8
neutron_driver: ovn
rhel_containers: false
tag: '16.1'
tag_from_label: '{version}-{release}'
## Adding security Credentials
ContainerImageRegistryCredentials:
registry.redhat.io:
rh_portal_username: password
Security credentials can be the user/password you have for the Red Hat customer portal. There are other options you can check in the official documentation for this OSP release.
Installing and configuring director
Now it’s time to set your undercloud configuration file. You can copy the file from the the installation and edit it:
cp \ /usr/share/python-tripleoclient/undercloud.conf.sample \ ~/undercloud.conf
You can check every parameter in the official documentation. I have edited mine and I have something like this:
[DEFAULT] container_cli = podman container_healthcheck_disabled = false container_images_file = containers-prepare-parameter.yaml enable_ironic = true enable_ironic_inspector = true enable_mistral = true enable_nova = true enable_tempest = true enable_validations = true enable_zaqar = true heat_native = true local_interface = ens6 local_ip = 10.5.20.11/24 overcloud_domain_name = vim.nokialab.net undercloud_admin_host = 10.5.20.13 undercloud_ntp_servers = 10.5.0.50 undercloud_public_host = 10.5.20.12 [ctlplane-subnet] cidr = 10.5.20.0/24 dhcp_end = 10.5.20.124 dhcp_start = 10.5.20.105 gateway = 10.5.20.1
And finally, run the installation:
openstack undercloud install
It will run an ansible playbook for about 30 minutes or more. It must finish with nor fails.
To check it if this is running just use “sudo podman ps” and you will see all the containers of your installation running. Like the next example
[stack@undercloud ~]$ sudo podman ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e237cccd4c29 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-neutron-dhcp-agent:16.1 /usr/sbin/dnsmasq... 5 hours ago Up 5 hours ago neutron-dnsmasq-qdhcp-0dab07a0-304a-4855-bc3f-7a6be1c31770 78a0def9c053 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-nova-compute-ironic:16.1 kolla_start 5 hours ago Up 5 hours ago nova_compute 13924cc2ddbc undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-ironic-inspector:16.1 kolla_start 5 hours ago Up 5 hours ago ironic_inspector 84586371fce6 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-ironic-pxe:16.1 kolla_start 5 hours ago Up 5 hours ago ironic_pxe_http 900569c17917 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-ironic-pxe:16.1 /bin/bash -c BIND... 5 hours ago Up 5 hours ago ironic_pxe_tftp cb07087c003c undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-ironic-neutron-agent:16.1 kolla_start 5 hours ago Up 5 hours ago ironic_neutron_agent 370fd6ae9917 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-ironic-conductor:16.1 kolla_start 5 hours ago Up 5 hours ago ironic_conductor 9c69c89f1fdc undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-mistral-api:16.1 kolla_start 5 hours ago Up 5 hours ago mistral_api 13d7c5f33855 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-neutron-openvswitch-agent:16.1 kolla_start 5 hours ago Up 5 hours ago neutron_ovs_agent 94b1434e2710 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-neutron-l3-agent:16.1 kolla_start 5 hours ago Up 5 hours ago neutron_l3_agent bf38a03a862e undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-neutron-dhcp-agent:16.1 kolla_start 5 hours ago Up 5 hours ago neutron_dhcp c67fe4d35720 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-ironic-api:16.1 kolla_start 5 hours ago Up 5 hours ago ironic_api 801167d631d8 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-nova-api:16.1 kolla_start 5 hours ago Up 5 hours ago nova_api_cron 0358b771d0bc undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-swift-proxy-server:16.1 kolla_start 5 hours ago Up 5 hours ago swift_proxy c2d378932545 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-nova-api:16.1 kolla_start 5 hours ago Up 5 hours ago nova_api 93d434c29430 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-glance-api:16.1 kolla_start 5 hours ago Up 5 hours ago glance_api 31c9e8c1f2a6 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-placement-api:16.1 kolla_start 5 hours ago Up 5 hours ago placement_api 92d5fb4c5422 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-zaqar-wsgi:16.1 kolla_start 5 hours ago Up 5 hours ago zaqar_websocket 5f1d5de56173 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-zaqar-wsgi:16.1 kolla_start 5 hours ago Up 5 hours ago zaqar b7f0803d5790 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-swift-object:16.1 kolla_start 5 hours ago Up 5 hours ago swift_rsync f37942473801 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-swift-object:16.1 kolla_start 5 hours ago Up 5 hours ago swift_object_updater 0080ad9ed6ad undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-swift-object:16.1 kolla_start 5 hours ago Up 5 hours ago swift_object_server ee77ef95dbb4 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-swift-proxy-server:16.1 kolla_start 5 hours ago Up 5 hours ago swift_object_expirer 6d4a5ded7621 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-swift-container:16.1 kolla_start 5 hours ago Up 5 hours ago swift_container_updater 9d0b93c0c134 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-swift-container:16.1 kolla_start 5 hours ago Up 5 hours ago swift_container_server e86f85ee1cec undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-swift-account:16.1 kolla_start 5 hours ago Up 5 hours ago swift_account_server cf57b4b01860 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-swift-account:16.1 kolla_start 5 hours ago Up 5 hours ago swift_account_reaper a88c70666152 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-nova-scheduler:16.1 kolla_start 5 hours ago Up 5 hours ago nova_scheduler 15ce7c338d60 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-nova-conductor:16.1 kolla_start 5 hours ago Up 5 hours ago nova_conductor d9acde39646d undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-neutron-server:16.1 kolla_start 5 hours ago Up 5 hours ago neutron_api fe25820d5b54 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-mistral-executor:16.1 kolla_start 5 hours ago Up 5 hours ago mistral_executor 0edcc3830fd0 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-mistral-event-engine:16.1 kolla_start 5 hours ago Up 5 hours ago mistral_event_engine b9b85713d37f undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-mistral-engine:16.1 kolla_start 5 hours ago Up 5 hours ago mistral_engine 7e69335ce57f undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-cron:16.1 kolla_start 5 hours ago Up 5 hours ago logrotate_crond 80a414b76f94 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-heat-engine:16.1 kolla_start 5 hours ago Up 5 hours ago heat_engine d22a89f64bfc undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-heat-api:16.1 kolla_start 5 hours ago Up 5 hours ago heat_api_cron 09c0e7049e85 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-heat-api:16.1 kolla_start 5 hours ago Up 5 hours ago heat_api 9b137af43796 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-keystone:16.1 kolla_start 5 hours ago Up 5 hours ago keystone 7926b5055be4 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-iscsid:16.1 kolla_start 5 hours ago Up 5 hours ago iscsid b372033480d1 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-mariadb:16.1 kolla_start 5 hours ago Up 5 hours ago mysql ea129ad7cffe undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-rabbitmq:16.1 kolla_start 5 hours ago Up 5 hours ago rabbitmq 6127ebad6f9b undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-haproxy:16.1 kolla_start 5 hours ago Up 5 hours ago haproxy 2ecea770d747 undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-memcached:16.1 kolla_start 5 hours ago Up 5 hours ago memcached 593129a9464a undercloud.ctlplane.lab.net:8787/rhosp-rhel8/openstack-keepalived:16.1 /usr/local/bin/ko... 5 hours ago Up 5 hours ago keepalived
Troubleshooting
After running your playbook I got this error the first time
Gathering Facts ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ 2.89s
tripleo-bootstrap : Create empty ruleset in /etc/sysconfig/iptables and /etc/sysconfig/ip6tables --------------------------------------------------------------------------------------------- 1.49s
authorize httpd to listen on registry ports -------------------------------------------------------------------------------------------------------------------------------------------------- 1.49s
Exception: Deployment failed
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/tripleoclient/v1/tripleo_deploy.py", line 1328, in _standalone_deploy
raise exceptions.DeploymentError('Deployment failed')
tripleoclient.exceptions.DeploymentError: Deployment failed
None
Install artifact is located at /home/stack/undercloud-install-20201109192939.tar.bzip2
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Deployment Failed!
ERROR: Heat log files: /var/log/heat-launcher/undercloud_deploy-yq719off
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Deployment failed.
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
An error has occured while deploying the Undercloud.
See the previous output for details about what went wrong.
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Then, I uncompressed the indicated file, in this case: undercloud-install-20201109192939.tar.bzip2 and I took a look into the folder undercloud-ansible-xi9xz0u9. Inside, I checked ERROR messages and I found this (check full log file in github)
...ERROR:root:Image prepare failed: Unable to authenticate. This may indicate missing registry credentials or the provided container or namespace does not exist. 401 Client Error: Unauthorized for url: https://registry.redhat.io/auth/realms/rhcc/protocol/redhat-docker-v2/auth?service=docker-registry&scope=repository%3Arhosp-rhel8%2Fopenstack-swift-object%3Apull Not sure why is pulling swift, If I didn’t enable it...
I pulled this out fixing my user/password credentials in the containers-prepare-parameter.yaml file
## Adding security Credentials Container
ContainerImageRegistryCredentials:
registry.redhat.io:
user_name: password
Security credentials can be the user/password you have for the Red Hat customer portal. There are other options you can check in the official documentation for this OSP release.
Thanks for reading my post “Director OSP 16.1 install short version”. See ya!
