README.adoc

Red Hat Open Stack

Table of Contents

• 1. Introduction
• Terminology
• 2. Requirements
  • 2.1. Passwordstore
  • 2.2. VPN
• 3. RHOSP authentication
  • 3.1. Ansible playbooks
    • 3.1.1. openstack_auth_passstore_v3password
• 4. Ansible Inventory
• 5. VM Provisioning
  • 5.1. Preparing the Provisioning
    • 5.1.1. OS Image
    • 5.1.2. Flavors
    • 5.1.3. Networks
  • 5.2. Provision the VM
• 6. Connect to a RHOSP instance
• 7. Deploy OCP on RHOSP
• 8. OpenStack CLI

1. Introduction

This document describes the tools that help provision and maintain infrastructure on a Red Hat Openstack Platform.

The tools implemented are the following:

• Provision VMs on RHOSP

• Provision OCP cluster on RHOSP

Terminology

Glossary of terms used.

FS

Filesystem

Host

Target OpenStack instance or VM

OCP

OpenShift Container Platform

RHOSP

Red Hat OpenStack Platform

2. Requirements

The following requirements must be met to fully use this project.

2.1. Passwordstore

Passwordstore is used during the execution of the ansible playbooks when RHOSP instances or OCP clusters are created/removed. In one hand it provides information for the deployment process, such as RHOSP authentication, and also to store the results of the process and be used as Ansible inventory.

ℹ️	All RHOSP information will be stored under the /openstack passwordstore folder.

2.2. VPN

This document assumes that you have access to the RHOSP infrastructure. In the case of RHOS-PSI it is only available connected to the Red Hat VPN.

3. RHOSP authentication

As this project connects to a RHOSP infrastructure, authenticating against that platform is needed. Before using this project collect the authentication information that fits your needs.

The default authentication plugin for this project is v3password. In order to use this plugin the following information is required.

Table 1. RHOSP authentication information

Variable	Meaning
auth_type	Authentication plugin that will be used to handle the authentication process. In this scenario the value will be v3password. 💡 Other values can be selected such as v3token. Check the openstack CLI man page or the OpenStack CLI web man for a list of possible plugins.
auth_url	Authentication URL
password	Authentication password
project_domain_name	Domain name or ID containing project
project_name	Project-level authentication scope (name or ID)
username	Authentication username
user_domain_name	Domain name or ID containing user

💡	For more detailed information on RHSOP authentication check the OpenStack CLI Authentication document.

3.1. Ansible playbooks

2 Ansible playbooks are already available to collect the required authentication information from passwordstore.

• openstack_auth_passstore_v3password.yml ⇐ Default

• openstack_auth_passstore_v3applicationcredential.yml

These playbooks collect the required information from the passwordstore and fill the rhos_auth map and rhos_auth_type Ansible host variables that are later used on Playbooks and Roles.

3.1.1. openstack_auth_passstore_v3password

The default authentication playbook is openstack_auth_passstore_v3password.yml and uses the v3password authentication plugin. It collects the required information from the passwordstore.

Table 2. Source for v3password authentication

Variable		Passwordstore source
rhos_auth
	auth_url	openstack/host/os_auth_url
	password	openstack/host/console_pw
	password	openstack/host/console_pw
	project_domain_name	openstack/host/os_domain
	project_name	openstack/host/project_name
	username	openstack/host/console_user
	user_domain_name	openstack/host/console_domain
rhos_auth_type		Authentication plugin used, with is v3password in this case.

Click to show sample Ansible Playbook for setting the RHOSP authentication facts

link:../ansible/playbook/openstack/openstack_auth_passstore_v3password.yml[role=include]

4. Ansible Inventory

The inventory of all RHOSP hosts is managed by Ansible.

ℹ️	Please refer to our Ansible Document for more information on the project Ansible Inventory.

The host information will be stored under the openstack folder where a sub-folder exists for each host. It also stores the SSH public and secret keys locally on the user’s ~/.ssh folder.

5. VM Provisioning

The main goal of the RHOSP tools is to provision hosts and store their information on the team passwordstore inventory for later use by the team members.

Prior to deploying a host aspects such as the OS image and the sizing of the host must be addressed.

5.1. Preparing the Provisioning

⚠️	The examples provided here are photos of a specific time frame and RHOSP implementation. To get and updated lists of your available images and flavors check your RHOSP cluster using either the RHOSP console or the RHOSP CLI.

5.1.1. OS Image

A virtual machine image is a file that contains a virtual disk with a bootable operating system installed.

— RedHat RHOSP Documentation
The Image service (glance)

To identify available images and choose which one to use check our docs on the RHOSP CLI tool which describe some of the most used commands.

Table 3. Sample OpenStack Cloud image list

ID	Name	Status
0b7d28c6-56ec-4d72-	Fedora-Cloud-Base-30	active
59ed78ec-c632-4a9d-	Fedora-Cloud-Base-32	active
6e6327eb-522a-4d7e-	Fedora-Cloud-Base-33	active
e5b85cf9-6b7c-44a0-	Fedora-Cloud-Base-34	active
8b8ab2a1-e349-4313-	Fedora-Cloud-Base-35	active
ca58d538-674d-40c8-	Fedora-Cloud-Base-36	active
cbea8fed-	Fedora-Cloud-Base-37	active

5.1.2. Flavors

In OpenStack, flavors define the compute, memory, and storage capacity of nova computing instances. To put it simply, a flavor is an available hardware configuration for a server. It defines the size of a virtual server that can be launched.

— RedHat RHOSP Documentation
Flavors

Reduced list of flavors obtained from our RHOSP cluster.

Table 4. Sample OpenStack Flavor information

Flavor	VCPUS	RAM	Total Disks	Root Disk	Ephemeral Disk
m1.medium	2	4 GB	40 GB	40 GB	0 GB
ci.m1.medium	2	4 GB	40 GB	40 GB	0 GB
ci.m1.medium.large	4	4 GB	16 GB	16 GB	0 GB
ci.m4.xlarge	4	16 GB	40 GB	40 GB	0 GB
ci.m5.large	16	32GB	40GB	40GB	0GB
g.standard.xxl	12	24GB	120GB	120GB	0GB
ocp4.single-node	24	48GB	200GB	200GB	0GB
ocp4.control	4	16GB	100GB	100GB	0GB
ocp4.compute	2	8GB	100GB	100GB	0GB
ocp4.bootstrap	4	16GB	100GB	100GB	0GB

5.1.3. Networks

A network is an isolated Layer 2 networking segment.

— RedHat RHOSP Documentation
Network

provider_net_shared is the default network to be used.

Sample network list

+-------------------------+-------------------------+--------------------------+
| ID                      | Name                    | Subnets                  |
+-------------------------+-------------------------+--------------------------+
| 0e212597-e475-4c4a-     | provider_net_cci_13     | d3b1c702-bb71-4547-8cf0- |
| a4fa-db71f84ec04c       |                         | 2ff5f9802595             |
| 5058fef2-f89f-4e70-     | provider_net_cci_7      | eb8db9f4-a76f-4fe2-a0bd- |
| 9e01-66af2847ddc4       |                         | f932bc20dfa1             |
| 68a8220a-20f4-4940-     | provider_net_cci_4      | 10a8b6b3-7ff5-4933-9e31- |
| 99b4-45b6f98bce6b       |                         | 9be0f25d745e             |
| 6a32627e-d98d-40d8-     | provider_net_shared     | b7e7d2b5-efc1-462a-96ec- |
| 9324-5da7cf1452fc       |                         | eda940820520             |
+-------------------------+-------------------------+--------------------------+

More information on RHOSP networks on our OpenStack CLI document and in the OpenStack CLI official documentation.

5.2. Provision the VM

Once the system configuration is identified it’s time to create a new Host which can be done using our pre-prepared Ansible Playbooks.

⚠️

Detailed documentation on Host provisioning can be found at our OpenStack Ansible Playbooks document. On this document you’ll find: list of the available playbooks; execution instructions to perform the VM provision operations, including all the parameters available on the playbooks inormation on the outputs of each playbook

To quickly create a Host you can use the following command, taking care to check the network, image, flavor and vm_name variables that should be filled according to your implementation.

Create OpenStack Host command

ansible-playbook ansible/playbook/openstack/openstack_vm_create_passwordstore.yml -e '{"openstack": {"vm": {"network": "provider_net_shared","image": "Fedora-Cloud-Base-37", "flavor": "m1.medium"}}}' -e vm_name=snowdrop_sample_vm

To delete the newly created host execute the following command.

Remove OpenStack Host command

ansible-playbook ansible/playbook/openstack/openstack_vm_remove_passwordstore.yml -e vm_name=snowdrop_sample_vm

6. Connect to a RHOSP instance

To improve usability the tools/passstore-vm-ssh.sh bash script has been created. It makes it easier to connect to any host under the project’s Ansible Inventory.

More documentation on the bash script can be found here.

To SSH connect to a VM use the bash script.

Sample connection execution

./tools/passstore-vm-ssh.sh openstack snowdrop_sample_vm

This should connect ot the newly created VM.

Last login: Thu Jan 1 00:00:00 1970 from x.x.x.x
------------------

This machine is property of RedHat.
Access is forbidden to all unauthorized person.
All activity is being monitored.

Welcome to snowdrop_sample_vm.

7. Deploy OCP on RHOSP

Set of Ansible Playbooks and Roles that deploy an OCP cluster on RHOSP.

This set of Ansible playbooks will provision an OCP cluster, tailored to the selected size. It will also provision a jump server that will allow ssh connections to the cluster nodes.

To perform this installation check the OCP on RHOSP Ansible Playbooks document.

8. OpenStack CLI

The OpenStack CLI tool comes very handy to perform several checks and information collection. We’ve created the RHOSP CLI document to describe some of the most used commands.