devtest_overcloud ================= #. Create your overcloud control plane image. This is the image the undercloud will deploy to become the KVM (or QEMU, Xen, etc.) cloud control plane. $OVERCLOUD_CONTROL_DIB_EXTRA_ARGS and $OVERCLOUD_COMPUTE_DIB_EXTRA_ARGS are meant to be used to pass additional build-time specific arguments to disk-image-create. SSL_ELEMENT is used when building a cloud with SSL endpoints - it should be set to openstack-ssl in that situation. :: NODE_ARCH=$(os-apply-config -m $TE_DATAFILE --key arch --type raw) $TRIPLEO_ROOT/diskimage-builder/bin/disk-image-create $NODE_DIST \ -a $NODE_ARCH -o $TRIPLEO_ROOT/overcloud-control hosts \ boot-stack cinder-api cinder-volume os-collect-config \ neutron-network-node dhcp-all-interfaces swift-proxy swift-storage \ $DIB_COMMON_ELEMENTS $OVERCLOUD_CONTROL_DIB_EXTRA_ARGS ${SSL_ELEMENT:-} 2>&1 | \ tee $TRIPLEO_ROOT/dib-overcloud-control.log #. Load the image into Glance: :: OVERCLOUD_CONTROL_ID=$(load-image -d $TRIPLEO_ROOT/overcloud-control.qcow2) #. Create your overcloud compute image. This is the image the undercloud deploys to host KVM (or QEMU, Xen, etc.) instances. :: NODE_ARCH=$(os-apply-config -m $TE_DATAFILE --key arch --type raw) $TRIPLEO_ROOT/diskimage-builder/bin/disk-image-create $NODE_DIST \ -a $NODE_ARCH -o $TRIPLEO_ROOT/overcloud-compute hosts \ nova-compute nova-kvm neutron-openvswitch-agent os-collect-config \ dhcp-all-interfaces $DIB_COMMON_ELEMENTS $OVERCLOUD_COMPUTE_DIB_EXTRA_ARGS 2>&1 | \ tee $TRIPLEO_ROOT/dib-overcloud-compute.log #. Load the image into Glance: :: OVERCLOUD_COMPUTE_ID=$(load-image -d $TRIPLEO_ROOT/overcloud-compute.qcow2) #. For running an overcloud in VM's. For Physical machines, set to kvm: :: OVERCLOUD_LIBVIRT_TYPE=${OVERCLOUD_LIBVIRT_TYPE:-"qemu"} #. Set the public interface of overcloud network node:: :: NeutronPublicInterface=${NeutronPublicInterface:-'eth0'} #. If you want to permit VM's access to bare metal networks, you need to define flat-networks and bridge mappings in Neutron:: :: OVERCLOUD_FLAT_NETWORKS=${OVERCLOUD_FLAT_NETWORKS:-''} OVERCLOUD_BRIDGE_MAPPINGS=${OVERCLOUD_BRIDGE_MAPPINGS:-''} OVERCLOUD_HYPERVISOR_PHYSICAL_BRIDGE=${OVERCLOUD_HYPERVISOR_PHYSICAL_BRIDGE:-''} OVERCLOUD_HYPERVISOR_PUBLIC_INTERFACE=${OVERCLOUD_HYPERVISOR_PUBLIC_INTERFACE:-''} #. If you are using SSL, your compute nodes will need static mappings to your endpoint in /etc/hosts (because we don't do dynamic undercloud DNS yet). set this to the DNS name you're using for your SSL certificate - the heat template looks up the controller address within the cloud. OVERCLOUD_NAME=${OVERCLOUD_NAME:-''} #. Choose whether to deploy or update. Use stack-update to update:: HEAT_OP=stack-create #. Deploy an overcloud:: setup-overcloud-passwords source tripleo-overcloud-passwords make -C $TRIPLEO_ROOT/tripleo-heat-templates overcloud.yaml COMPUTESCALE=$OVERCLOUD_COMPUTESCALE heat $HEAT_OP -f $TRIPLEO_ROOT/tripleo-heat-templates/overcloud.yaml \ -P "AdminToken=${OVERCLOUD_ADMIN_TOKEN}" \ -P "AdminPassword=${OVERCLOUD_ADMIN_PASSWORD}" \ -P "CinderPassword=${OVERCLOUD_CINDER_PASSWORD}" \ -P "CloudName=${OVERCLOUD_NAME}" \ -P "GlancePassword=${OVERCLOUD_GLANCE_PASSWORD}" \ -P "HeatPassword=${OVERCLOUD_HEAT_PASSWORD}" \ -P "HypervisorNeutronPhysicalBridge=${OVERCLOUD_HYPERVISOR_PHYSICAL_BRIDGE}" \ -P "HypervisorNeutronPublicInterface=${OVERCLOUD_HYPERVISOR_PUBLIC_INTERFACE}" \ -P "NeutronFlatNetworks=${OVERCLOUD_FLAT_NETWORKS}" \ -P "NeutronBridgeMappings=${OVERCLOUD_BRIDGE_MAPPINGS}" \ -P "NeutronPassword=${OVERCLOUD_NEUTRON_PASSWORD}" \ -P "NovaPassword=${OVERCLOUD_NOVA_PASSWORD}" \ -P "NeutronPublicInterface=${NeutronPublicInterface}" \ -P "SwiftPassword=${OVERCLOUD_SWIFT_PASSWORD}" \ -P "SwiftHashSuffix=${OVERCLOUD_SWIFT_HASH}" \ -P "NovaComputeLibvirtType=${OVERCLOUD_LIBVIRT_TYPE}" \ -P "SSLCertificate=${OVERCLOUD_SSL_CERT}" \ -P "SSLKey=${OVERCLOUD_SSL_KEY}" \ overcloud You can watch the console via virsh/virt-manager to observe the PXE boot/deploy process. After the deploy is complete, the machines will reboot and be available. #. While we wait for the stack to come up, build an end user disk image and register it with glance.:: $TRIPLEO_ROOT/diskimage-builder/bin/disk-image-create $NODE_DIST vm \ -a $NODE_ARCH -o $TRIPLEO_ROOT/user 2>&1 | tee $TRIPLEO_ROOT/dib-user.log #. Get the overcloud IP from 'nova list' :: wait_for 300 10 stack-ready overcloud export OVERCLOUD_IP=$(nova list | grep notCompute0.*ctlplane | sed -e "s/.*=\\([0-9.]*\\).*/\1/") #. We don't (yet) preserve ssh keys on rebuilds. :: ssh-keygen -R $OVERCLOUD_IP #. Source the overcloud configuration:: source $TRIPLEO_ROOT/tripleo-incubator/overcloudrc #. Exclude the overcloud from proxies:: export no_proxy=$no_proxy,$OVERCLOUD_IP #. If we updated the cloud we don't need to do admin setup again - skip down to 'Wait for nova-compute'. #. Perform admin setup of your overcloud. :: init-keystone -p $OVERCLOUD_ADMIN_PASSWORD $OVERCLOUD_ADMIN_TOKEN \ $OVERCLOUD_IP admin@example.com heat-admin@$OVERCLOUD_IP \ ${SSLBASE:+--ssl $PUBLIC_API_URL} setup-endpoints $OVERCLOUD_IP --cinder-password $OVERCLOUD_CINDER_PASSWORD \ --glance-password $OVERCLOUD_GLANCE_PASSWORD \ --heat-password $OVERCLOUD_HEAT_PASSWORD \ --neutron-password $OVERCLOUD_NEUTRON_PASSWORD \ --nova-password $OVERCLOUD_NOVA_PASSWORD \ --swift-password $OVERCLOUD_SWIFT_PASSWORD \ ${SSLBASE:+--ssl $PUBLIC_API_URL} keystone role-create --name heat_stack_user user-config setup-neutron "" "" 10.0.0.0/8 "" "" "" 192.0.2.45 192.0.2.64 192.0.2.0/24 #. If you want a demo user in your overcloud (probably a good idea). :: os-adduser -p $OVERCLOUD_DEMO_PASSWORD demo demo@example.com #. Workaround https://bugs.launchpad.net/diskimage-builder/+bug/1211165. :: nova flavor-delete m1.tiny nova flavor-create m1.tiny 1 512 2 1 #. Register the end user image with glance. :: glance image-create --name user --public --disk-format qcow2 \ --container-format bare --file $TRIPLEO_ROOT/user.qcow2 #. Wait for Nova Compute :: wait_for 30 10 nova service-list --binary nova-compute 2\>/dev/null \| grep 'enabled.*\ up\ ' #. Wait for L2 Agent On Nova Compute :: wait_for 30 10 neutron agent-list -f csv -c alive -c agent_type -c host \| grep "\":-).*Open vSwitch agent.*overcloud-novacompute\"" #. Log in as a user. :: source $TRIPLEO_ROOT/tripleo-incubator/overcloudrc-user #. If you just created the cloud you need to add your keypair to your user. :: user-config #. So that you can deploy a VM. :: nova boot --key-name default --flavor m1.tiny --image user demo #. Add an external IP for it. :: wait_for 10 5 neutron port-list -f csv -c id --quote none \| grep id PORT=$(neutron port-list -f csv -c id --quote none | tail -n1) FLOATINGIP=$(neutron floatingip-create ext-net --port-id "${PORT//[[:space:]]/}" | awk '$2=="floating_ip_address" {print $4}') #. And allow network access to it. :: neutron security-group-rule-create default --protocol icmp \ --direction ingress --port-range-min 8 --port-range-max 8 neutron security-group-rule-create default --protocol tcp \ --direction ingress --port-range-min 22 --port-range-max 22 #. After which, you should be able to ping it :: wait_for 30 10 ping -c 1 $FLOATINGIP