devtest_overcloud

1. Create your overcloud control plane image. This is the image the undercloud will deploy to become the KVM (or QEMU, Xen, etc.) cloud control plane. $OVERCLOUD_CONTROL_DIB_EXTRA_ARGS and $OVERCLOUD_COMPUTE_DIB_EXTRA_ARGS are meant to be used to pass additional build-time specific arguments to disk-image-create. SSL_ELEMENT is used when building a cloud with SSL endpoints - it should be set to openstack-ssl in that situation.

   NODE_ARCH=$(os-apply-config -m $TE_DATAFILE --key arch --type raw)
       $TRIPLEO_ROOT/diskimage-builder/bin/disk-image-create $NODE_DIST \
           -a $NODE_ARCH -o $TRIPLEO_ROOT/overcloud-control hosts \
           boot-stack cinder-api cinder-volume os-collect-config \
           neutron-network-node dhcp-all-interfaces swift-proxy swift-storage \
           $DIB_COMMON_ELEMENTS $OVERCLOUD_CONTROL_DIB_EXTRA_ARGS ${SSL_ELEMENT:-} 2>&1 | \
           tee $TRIPLEO_ROOT/dib-overcloud-control.log

2. Load the image into Glance:

   OVERCLOUD_CONTROL_ID=$(load-image -d $TRIPLEO_ROOT/overcloud-control.qcow2)

3. Create your overcloud compute image. This is the image the undercloud deploys to host KVM (or QEMU, Xen, etc.) instances.

   NODE_ARCH=$(os-apply-config -m $TE_DATAFILE --key arch --type raw)
       $TRIPLEO_ROOT/diskimage-builder/bin/disk-image-create $NODE_DIST \
           -a $NODE_ARCH -o $TRIPLEO_ROOT/overcloud-compute hosts \
           nova-compute nova-kvm neutron-openvswitch-agent os-collect-config \
           dhcp-all-interfaces $DIB_COMMON_ELEMENTS $OVERCLOUD_COMPUTE_DIB_EXTRA_ARGS 2>&1 | \
           tee $TRIPLEO_ROOT/dib-overcloud-compute.log

4. Load the image into Glance:

   OVERCLOUD_COMPUTE_ID=$(load-image -d $TRIPLEO_ROOT/overcloud-compute.qcow2)

5. For running an overcloud in VM’s. For Physical machines, set to kvm:

   OVERCLOUD_LIBVIRT_TYPE=${OVERCLOUD_LIBVIRT_TYPE:-"qemu"}

6. Set the public interface of overcloud network node::

   NeutronPublicInterface=${NeutronPublicInterface:-'eth0'}

7. If you want to permit VM’s access to bare metal networks, you need to define flat-networks and bridge mappings in Neutron::

   OVERCLOUD_FLAT_NETWORKS=${OVERCLOUD_FLAT_NETWORKS:-''}
   OVERCLOUD_BRIDGE_MAPPINGS=${OVERCLOUD_BRIDGE_MAPPINGS:-''}
   OVERCLOUD_HYPERVISOR_PHYSICAL_BRIDGE=${OVERCLOUD_HYPERVISOR_PHYSICAL_BRIDGE:-''}
   OVERCLOUD_HYPERVISOR_PUBLIC_INTERFACE=${OVERCLOUD_HYPERVISOR_PUBLIC_INTERFACE:-''}

8. If you are using SSL, your compute nodes will need static mappings to your endpoint in /etc/hosts (because we don’t do dynamic undercloud DNS yet). set this to the DNS name you’re using for your SSL certificate - the heat template looks up the controller address within the cloud.

   OVERCLOUD_NAME=${OVERCLOUD_NAME:-‘’}

9. Choose whether to deploy or update. Use stack-update to update:

   HEAT_OP=stack-create
   

10. Deploy an overcloud:

    setup-overcloud-passwords
    source tripleo-overcloud-passwords
    
    make -C $TRIPLEO_ROOT/tripleo-heat-templates overcloud.yaml COMPUTESCALE=$OVERCLOUD_COMPUTESCALE
    heat $HEAT_OP -f $TRIPLEO_ROOT/tripleo-heat-templates/overcloud.yaml \
        -P "AdminToken=${OVERCLOUD_ADMIN_TOKEN}" \
        -P "AdminPassword=${OVERCLOUD_ADMIN_PASSWORD}" \
        -P "CinderPassword=${OVERCLOUD_CINDER_PASSWORD}" \
        -P "CloudName=${OVERCLOUD_NAME}" \
        -P "GlancePassword=${OVERCLOUD_GLANCE_PASSWORD}" \
        -P "HeatPassword=${OVERCLOUD_HEAT_PASSWORD}" \
        -P "HypervisorNeutronPhysicalBridge=${OVERCLOUD_HYPERVISOR_PHYSICAL_BRIDGE}" \
        -P "HypervisorNeutronPublicInterface=${OVERCLOUD_HYPERVISOR_PUBLIC_INTERFACE}" \
        -P "NeutronFlatNetworks=${OVERCLOUD_FLAT_NETWORKS}" \
        -P "NeutronBridgeMappings=${OVERCLOUD_BRIDGE_MAPPINGS}" \
        -P "NeutronPassword=${OVERCLOUD_NEUTRON_PASSWORD}" \
        -P "NovaPassword=${OVERCLOUD_NOVA_PASSWORD}" \
        -P "NeutronPublicInterface=${NeutronPublicInterface}" \
        -P "SwiftPassword=${OVERCLOUD_SWIFT_PASSWORD}" \
        -P "SwiftHashSuffix=${OVERCLOUD_SWIFT_HASH}" \
        -P "NovaComputeLibvirtType=${OVERCLOUD_LIBVIRT_TYPE}" \
        -P "SSLCertificate=${OVERCLOUD_SSL_CERT}" \
        -P "SSLKey=${OVERCLOUD_SSL_KEY}" \
        overcloud

    You can watch the console via virsh/virt-manager to observe the PXE boot/deploy process. After the deploy is complete, the machines will reboot and be available.

11. While we wait for the stack to come up, build an end user disk image and register it with glance.:

    $TRIPLEO_ROOT/diskimage-builder/bin/disk-image-create $NODE_DIST vm \
        -a $NODE_ARCH -o $TRIPLEO_ROOT/user 2>&1 | tee $TRIPLEO_ROOT/dib-user.log

12. Get the overcloud IP from ‘nova list’

    wait_for 300 10 stack-ready overcloud
    export OVERCLOUD_IP=$(nova list | grep notCompute0.*ctlplane | sed  -e "s/.*=\\([0-9.]*\\).*/\1/")

13. We don’t (yet) preserve ssh keys on rebuilds.

    ssh-keygen -R $OVERCLOUD_IP

14. Source the overcloud configuration:

    source $TRIPLEO_ROOT/tripleo-incubator/overcloudrc

15. Exclude the overcloud from proxies:

    export no_proxy=$no_proxy,$OVERCLOUD_IP

16. If we updated the cloud we don’t need to do admin setup again - skip down to ‘Wait for nova-compute’.

17. Perform admin setup of your overcloud.

    init-keystone -p $OVERCLOUD_ADMIN_PASSWORD $OVERCLOUD_ADMIN_TOKEN \
        $OVERCLOUD_IP admin@example.com heat-admin@$OVERCLOUD_IP \
        ${SSLBASE:+--ssl $PUBLIC_API_URL}
    setup-endpoints $OVERCLOUD_IP --cinder-password $OVERCLOUD_CINDER_PASSWORD \
        --glance-password $OVERCLOUD_GLANCE_PASSWORD \
        --heat-password $OVERCLOUD_HEAT_PASSWORD \
        --neutron-password $OVERCLOUD_NEUTRON_PASSWORD \
        --nova-password $OVERCLOUD_NOVA_PASSWORD \
        --swift-password $OVERCLOUD_SWIFT_PASSWORD \
        ${SSLBASE:+--ssl $PUBLIC_API_URL}
    keystone role-create --name heat_stack_user
    user-config
    setup-neutron "" "" 10.0.0.0/8 "" "" "" 192.0.2.45 192.0.2.64 192.0.2.0/24

18. If you want a demo user in your overcloud (probably a good idea).

    os-adduser -p $OVERCLOUD_DEMO_PASSWORD demo demo@example.com

19. Workaround https://bugs.launchpad.net/diskimage-builder/+bug/1211165.

    nova flavor-delete m1.tiny
    nova flavor-create m1.tiny 1 512 2 1

20. Register the end user image with glance.

    glance image-create --name user --public --disk-format qcow2 \
        --container-format bare --file $TRIPLEO_ROOT/user.qcow2

21. Wait for Nova Compute

    wait_for 30 10 nova service-list --binary nova-compute 2\>/dev/null \| grep 'enabled.*\ up\ '

22. Wait for L2 Agent On Nova Compute

    wait_for 30 10 neutron agent-list -f csv -c alive -c agent_type -c host \| grep "\":-).*Open vSwitch agent.*overcloud-novacompute\""

23. Log in as a user.

    source $TRIPLEO_ROOT/tripleo-incubator/overcloudrc-user

24. If you just created the cloud you need to add your keypair to your user.

    user-config
    

25. So that you can deploy a VM.

    nova boot --key-name default --flavor m1.tiny --image user demo

26. Add an external IP for it.

    wait_for 10 5 neutron port-list -f csv -c id --quote none \| grep id
    PORT=$(neutron port-list -f csv -c id --quote none | tail -n1)
    FLOATINGIP=$(neutron floatingip-create ext-net --port-id "${PORT//[[:space:]]/}" | awk '$2=="floating_ip_address" {print $4}')

27. And allow network access to it.

    neutron security-group-rule-create default --protocol icmp \
        --direction ingress --port-range-min 8 --port-range-max 8
    neutron security-group-rule-create default --protocol tcp \
        --direction ingress --port-range-min 22 --port-range-max 22

28. After which, you should be able to ping it

    wait_for 30 10 ping -c 1 $FLOATINGIP