Skip to content

Deploying a packstack-based OpenStack test instance using Ansible

License

Notifications You must be signed in to change notification settings

EGI-Federation/ansible-packstack

Repository files navigation

ansible-packstack

Deploying a packstack-based OpenStack test instance using Ansible. Some tools specific to EGI Federated Cloud will also be installed:

OpenStack client configuration file will be created as ~/.config/openstack/clouds.yaml, pre-existing file will be backed-up.

Based on:

Using

  • Prerequisites
  • a VM with CentOS 7
  • an ssh access with a user having password-less sudo
  • a public IP registered with a FQDN
  • a certificate with its key and the CA

The ansible user is packstack by default, specify another one using -u.

# Configure Ansible remote host
cp inventory/inventory.ini.sample inventory/inventory.ini
vim inventory/inventory.ini
# Install usual CLI tools
ansible-playbook playbooks/weapons.yaml
# Install and run Packstack, configure HTTPS for Horizon and Keystone
ansible-playbook playbooks/packstack.yaml
# Once this is done it's recommended to reboot the server
# Create default OpenStack projects for FedCloud
ansible-playbook playbooks/projects.yaml
# Enable IGTF CA
ansible-playbook playbooks/igtf.yaml
# Enable Keystone VOMS support
ansible-playbook playbooks/keystone_voms.yaml
# Install OOI for OCCI endpoint
ansible-playbook playbooks/ooi.yaml

Testing

OpenStack client can use ~/.config/openstack/clouds.yaml that was created by packstack.yaml:

openstack --os-cloud server_fqdn image list

It can be tested using an handy docker wrapper.

# Listing available images
# Using configuration in ~/.config/openstack/clouds.yaml
docker run -it --rm -v ~/.config/openstack:/root/.config/openstack gbraad/openstack-client:centos openstack --os-cloud server_fqdn image list
# Retrieving a Keystone token
OS_TOKEN=$(docker run -it --rm -v ~/.config/openstack:/root/.config/openstack gbraad/openstack-client:centos openstack --os-cloud server_fqdn token issue -f value -c id)
# Testing OOI/OCCI endpoint
curl -H "x-auth-token: $OS_TOKEN" 'http://server_fqdn:8787/occi1.1/-/'

Troubleshooting

When running the packstack.yaml playbook In case of problems during the system update after the OpenStack repository configuration you may have errors related to updating python-urllib3 and to files unknown to the RPM database:

(...)
Error unpacking rpm package python2-urllib3-1.16-1.el7.noarch
error: unpacking of archive failed on file /usr/lib/python2.7/site-packages/urllib3/packages/ssl_match_hostname: cpio: rename
(...)
% ls /usr/lib/python2.7/site-packages/urllib3/packages/
backports    ordered_dict.py  six.pyc  ssl_match_hostname           ssl_match_hostname;5aba127b  ssl_match_hostname;5aba12e7
__init__.py  six.py           six.pyo  ssl_match_hostname;5aba09c7  ssl_match_hostname;5aba12a0

In that case it's possible to clear the files and relaunch the update:

sudo yum remove -y python-urllib3
sudo rm -rf /usr/lib/python2.7/site-packages/urllib3/packages
sudo yum install -y python-urllib3