stackhpc · markgoddard · May 31, 2022 · Jan 7, 2022 · Jan 10, 2022
@@ -221,8 +221,104 @@ Environments
 
 The following Kayobe environments are provided with this configuration:
 
+* ``ci-aio``: deploys an all-in-one converged control/compute cloud for testing
 * ``ci-builder``: builds container images
 
+ci-aio
+------
+
+Prerequisites
+^^^^^^^^^^^^^
+
+* a CentOS Stream 8 host
+* access to the local Pulp server
+
+Setup
+^^^^^
+
+Access the host via SSH.
+
+Clone the Kayobe and Kayobe configuration repositories (this one):
+
+.. code-block:: console
+
+   cd
+   mkdir -p src
+   pushd src
+   git clone https://github.com/stackhpc/kayobe.git -b stackhpc/wallaby
+   git clone https://github.com/stackhpc/stackhpc-kayobe-config -b stackhpc/wallaby
+   popd
+
+Create a virtual environment and install Kayobe:
+
+.. code-block:: console
+
+   cd
+   mkdir -p venvs
+   pushd venvs
+   virtualenv kayobe
+   source kayobe/bin/activate
+   pip install -U pip
+   pip install ../src/kayobe
+   popd
+
+Add initial network configuration:
+
+.. code-block:: console
+
+   sudo ip l add breth1 type bridge
+   sudo ip l set breth1 up
+   sudo ip a add 192.168.33.3/24 dev breth1
+   sudo ip l add dummy1 type dummy
+   sudo ip l set dummy1 up
+   sudo ip l set dummy1 master breth1
+
+Installation
+^^^^^^^^^^^^
+
+Acquire the Ansible Vault password for this repository, and store a copy at
+``~/vault-pw``.
+
+The following commands install Kayobe and its dependencies, and prepare the
+Ansible control host.
+
+.. code-block:: console
+
+   export KAYOBE_VAULT_PASSWORD=$(cat ~/vault-pw)
+   pushd ~/venvs/kayobe
+   source bin/activate
+   popd
+   pushd ~/src/kayobe-config
+   source kayobe-env --environment ci-aio
+   kayobe control host bootstrap
+
+Deployment
+^^^^^^^^^^
+
+Next, configure the host OS & services.
+
+.. code-block:: console
+
+   kayobe overcloud host configure
+
+Finally, deploy the overcloud services.
+
+.. code-block:: console
+
+   kayobe overcloud service deploy
+
+The control plane should now be running.
+
+Testing
+^^^^^^^
+
+Run a smoke test:
+
+.. code-block:: console
+
+   cd ~/kayobe
+   ./dev/overcloud-test-vm.sh
+
 ci-builder
 ----------
 

@@ -0,0 +1,63 @@
+---
+# Kayobe global configuration.
+
+###############################################################################
+# Local path configuration (Ansible control host).
+
+# Path to Kayobe configuration directory on Ansible control host, with an
+# environment path appended if kayobe_environment is set.
+#kayobe_config_path:
+
+# Name of Kayobe environment to use. Default is $KAYOBE_ENVIRONMENT, or an
+# empty string if $KAYOBE_ENVIRONMENT is not set. Can also be set via the
+# --environment argument when invoking kayobe.
+#kayobe_environment:
+
+# Path to Kayobe configuration directory on Ansible control host with an
+# environment path appended if kayobe_environment is set.
+#kayobe_env_config_path:
+
+###############################################################################
+# Remote path configuration (seed, seed-hypervisor and overcloud hosts).
+
+# Base path for kayobe state on remote hosts.
+#base_path:
+
+# Path in which to store configuration on remote hosts.
+#config_path:
+
+# Path in which to cache downloaded images on remote hosts.
+#image_cache_path:
+
+# Path on which to checkout source code repositories on remote hosts.
+#source_checkout_path:
+
+# Path on which to create python virtualenvs on remote hosts.
+#virtualenv_path:
+
+###############################################################################
+# User configuration.
+
+# User with which to access remote hosts. This user will be created if it does
+# not exist.
+#kayobe_ansible_user:
+
+###############################################################################
+# OS distribution.
+
+# OS distribution name. Valid options are "centos", "ubuntu". Default is
+# "centos".
+os_distribution: "{{ lookup('pipe', '. /etc/os-release && echo $ID') | trim }}"
+
+# OS release. Valid options are "8-stream" when os_distribution is "centos", or
+# "focal" when os_distribution is "ubuntu".
+#os_release:
+
+###############################################################################
+
+# Avoid a reboot.
+disable_selinux_do_reboot: false
+
+###############################################################################
+# Dummy variable to allow Ansible to accept this file.
+workaround_ansible_issue_8743: yes
@@ -0,0 +1,12 @@
+---
+###############################################################################
+# Network interface definitions for the controller group.
+
+# Controller interface on all-in-one network.
+aio_interface: breth1
+# Use dummy1 if it exists, otherwise the bridge will have no ports.
+aio_bridge_ports: "{{ ['dummy1'] if 'ansible_dummy1' in hostvars[inventory_hostname] else [] }}"
+
+###############################################################################
+# Dummy variable to allow Ansible to accept this file.
+workaround_ansible_issue_8743: yes
@@ -0,0 +1,5 @@
+[controllers]
+
+[container-image-builders:children]
+# Build container images on the all-in-one controller.
+controllers
@@ -0,0 +1,6 @@
+# A single all-in-one controller/compute host.
+[controllers]
+controller0
+
+[compute:children]
+controllers
@@ -0,0 +1,2 @@
+[DEFAULT]
+minimum_required_memory = 256
@@ -0,0 +1,13 @@
+---
+# Most development environments will use nested virtualisation, and we can't
+# guarantee that nested KVM support is available. Use QEMU as a lowest common
+# denominator.
+nova_compute_virt_type: qemu
+
+# Reduce the control plane's memory footprint by limiting the number of worker
+# processes to one per-service.
+openstack_service_workers: "1"
+openstack_service_rpc_workers: "1"
+
+docker_yum_baseurl: "{{ stackhpc_repo_docker_url }}"
+docker_yum_gpgkey: "https://download.docker.com/linux/{% raw %}{{ ansible_facts.distribution | lower }}{% endraw %}/gpg"
@@ -0,0 +1,3 @@
+---
+aio_ips:
+  controller0: 192.168.33.3
@@ -0,0 +1,119 @@
+---
+# Kayobe network configuration.
+
+###############################################################################
+# Network role to network mappings.
+
+# Map all networks to the all-in-one network.
+
+# Name of the network used for admin access to the overcloud
+#admin_oc_net_name:
+admin_oc_net_name: aio
+
+# Name of the network used by the seed to manage the bare metal overcloud
+# hosts via their out-of-band management controllers.
+#oob_oc_net_name:
+oob_oc_net_name: aio
+
+# Name of the network used by the seed to provision the bare metal overcloud
+# hosts.
+#provision_oc_net_name:
+provision_oc_net_name: aio
+
+# Name of the network used by the overcloud hosts to manage the bare metal
+# compute hosts via their out-of-band management controllers.
+#oob_wl_net_name:
+oob_wl_net_name: aio
+
+# Name of the network used by the overcloud hosts to provision the bare metal
+# workload hosts.
+#provision_wl_net_name:
+provision_wl_net_name: aio
+
+# Name of the network used to expose the internal OpenStack API endpoints.
+#internal_net_name:
+internal_net_name: aio
+
+# List of names of networks used to provide external network access via
+# Neutron.
+# Deprecated name: external_net_name
+# If external_net_name is defined, external_net_names will default to a list
+# containing one item, external_net_name.
+#external_net_names:
+external_net_names:
+  - aio
+
+# Name of the network used to expose the public OpenStack API endpoints.
+#public_net_name:
+public_net_name: aio
+
+# Name of the network used by Neutron to carry tenant overlay network traffic.
+#tunnel_net_name:
+tunnel_net_name: aio
+
+# Name of the network used to carry storage data traffic.
+#storage_net_name:
+storage_net_name: aio
+
+# Name of the network used to carry storage management traffic.
+#storage_mgmt_net_name:
+storage_mgmt_net_name: aio
+
+# Name of the network used to carry swift storage data traffic.
+#swift_storage_net_name:
+swift_storage_net_name: aio
+
+# Name of the network used to carry swift storage replication traffic.
+#swift_storage_replication_net_name:
+swift_storage_replication_net_name: aio
+
+# Name of the network used to perform hardware introspection on the bare metal
+# workload hosts.
+#inspection_net_name:
+inspection_net_name: aio
+
+# Name of the network used to perform cleaning on the bare metal workload
+# hosts
+#cleaning_net_name:
+cleaning_net_name: aio
+
+###############################################################################
+# Network definitions.
+
+# All-in-one network.
+aio_cidr: 192.168.33.0/24
+aio_allocation_pool_start: 192.168.33.3
+aio_allocation_pool_end: 192.168.33.30
+aio_neutron_allocation_pool_start: 192.168.33.31
+aio_neutron_allocation_pool_end: 192.168.33.127
+aio_inspection_allocation_pool_start: 192.168.33.128
+aio_inspection_allocation_pool_end: 192.168.33.254
+aio_vip_address: 192.168.33.2
+
+###############################################################################
+# Network virtual patch link configuration.
+
+# Suffix for Open vSwitch bridge names.
+#network_bridge_suffix_ovs:
+
+# Prefix for virtual patch interface names.
+#network_patch_prefix:
+
+# Suffix for virtual patch link interface names when connected towards the
+# physical interface.
+#network_patch_suffix_phy:
+
+# Suffix for virtual patch link interface names when connected towards the
+# OVS bridge.
+#network_patch_suffix_ovs:
+
+###############################################################################
+# Network routing table configuration.
+
+# List of IP routing tables. Each item should be a dict containing 'id' and
+# 'name' items. These tables will be added to /etc/iproute2/rt_tables.
+#network_route_tables:
+
+###############################################################################
+# Dummy variable to allow Ansible to accept this file.
+workaround_ansible_issue_8743: yes
@@ -0,0 +1,53 @@
+---
+###############################################################################
+# Kolla configuration.
+
+# Docker namespace to use for Kolla images. Default is 'kolla'.
+kolla_docker_namespace: stackhpc-dev
+
+###############################################################################
+# Network configuration.
+
+# Don't touch resolv.conf: use Neutron DNS for accessing Pulp server via
+# hostname.
+resolv_is_managed: false
+
+###############################################################################
+# StackHPC configuration.
+
+# Host and port of a package repository mirror.
+# Build and deploy the development Pulp service repositories.
+stackhpc_repo_mirror_url: "http://pulp-server.internal.sms-cloud:8080"
+
+# Build and deploy released Pulp repository versions.
+stackhpc_repo_centos_stream_baseos_version: "{{ stackhpc_pulp_repo_centos_stream_8_baseos_version }}"
+stackhpc_repo_centos_stream_appstream_version: "{{ stackhpc_pulp_repo_centos_stream_8_appstream_version }}"
+stackhpc_repo_centos_stream_extras_version: "{{ stackhpc_pulp_repo_centos_stream_8_extras_version }}"
+stackhpc_repo_epel_version: "{{ stackhpc_pulp_repo_epel_version }}"
+stackhpc_repo_epel_modular_version: "{{ stackhpc_pulp_repo_epel_modular_version }}"
+stackhpc_repo_docker_version: "{{ stackhpc_pulp_repo_docker_version }}"
+stackhpc_repo_centos_stream_advanced_virtualization_version: "{{ stackhpc_pulp_repo_centos_stream_8_advanced_virtualization_version }}"
+stackhpc_repo_centos_stream_nfv_openvswitch_version: "{{ stackhpc_pulp_repo_centos_stream_8_nfv_openvswitch_version }}"
+stackhpc_repo_centos_stream_openstack_wallaby_version: "{{ stackhpc_pulp_repo_centos_stream_8_openstack_wallaby_version }}"
+stackhpc_repo_centos_stream_powertools_version: "{{ stackhpc_pulp_repo_centos_stream_8_powertools_version }}"
+stackhpc_repo_centos_opstools_version: "{{ stackhpc_pulp_repo_centos_8_opstools_version }}"
+stackhpc_repo_centos_stream_storage_ceph_pacific_version: "{{ stackhpc_pulp_repo_centos_stream_8_storage_ceph_pacific_version }}"
+stackhpc_repo_elasticsearch_logstash_kibana_7_x_version: "{{ stackhpc_pulp_repo_elasticsearch_logstash_kibana_7_x_version }}"
+stackhpc_repo_grafana_version: "{{ stackhpc_pulp_repo_grafana_version }}"
+stackhpc_repo_rabbitmq_erlang_version: "{{ stackhpc_pulp_repo_rabbitmq_erlang_version }}"
+stackhpc_repo_rabbitmq_server_version: "{{ stackhpc_pulp_repo_rabbitmq_server_version }}"
+stackhpc_repo_treasuredata_4_version: "{{ stackhpc_pulp_repo_treasuredata_4_version }}"
+
+# Host and port of container registry.
+# Push built images to the development Pulp service registry.
+stackhpc_docker_registry: "{{ stackhpc_repo_mirror_url | regex_replace('^https?://', '') }}"
+
+# Username and password of container registry.
+stackhpc_docker_registry_username: "admin"
+stackhpc_docker_registry_password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  38653432663133653430323937626239323836653537633633326265643930653034306532646464
+  3766353637326534643136326533633034666535323364660a633639393433376564363666663233
+  38333133393730633666613965653364316162353337313330346164303631313731646461363461
+  3963323635373866630a633533376339363734626664333765313665623662613764363038383735
+  38646138376438643533376161376634653439386230353365316239613430363338