From 93d3a63459a7bfe46aaf01a001cf117648fa9f7e Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Wed, 12 Oct 2022 11:49:06 +0000 Subject: [PATCH 1/7] feat: add openstack network configuration --- etc/openstack-config/openstack-config.yml | 183 +++++++++++++++------- 1 file changed, 130 insertions(+), 53 deletions(-) diff --git a/etc/openstack-config/openstack-config.yml b/etc/openstack-config/openstack-config.yml index fd88313..d67a9e4 100644 --- a/etc/openstack-config/openstack-config.yml +++ b/etc/openstack-config/openstack-config.yml @@ -1,60 +1,137 @@ --- ############################################################################### -# Configuration of OpenStack projects and users user environment. - -# List of OpenStack projects. Format is as required by the stackhpc.os-projects -# role. -#openstack_projects: - -############################################################################### -# Configuration of networks, subnets and routers. +# Configuration of networks, subnets and routers for openstack. # List of networks in the openstack system. Format is as required by the # stackhpc.os-networks role. -#openstack_networks: - -# List of routers in the openstack project. Format is as required by the +openstack_networks: + - "{{ openstack_network_external }}" + - "{{ openstack_network_demo_vxlan }}" + - "{{ openstack_network_demo_vlan }}" + - "{{ openstack_network_demo_provider }}" + +# openstack external network name. +openstack_network_external_name: "external" + +# openstack external network. +openstack_network_external: + name: "{{ openstack_network_external_name }}" + project: "admin" + provider_network_type: "vlan" + provider_physical_network: "physnet1" + provider_segmentation_id: 102 + shared: true + external: true + # Subnet configuration. + subnets: + - "{{ openstack_subnet_external }}" + +# openstack external subnet. +openstack_subnet_external: + name: "{{ openstack_network_external_name }}" + project: "admin" + cidr: "192.168.38.0/24" + no_gateway_ip: false + allocation_pool_start: "192.168.38.129" + allocation_pool_end: "192.168.38.254" + +# openstack demo VXLAN network name. +openstack_network_demo_vxlan_name: "demo-vxlan" + +# openstack demo VXLAN network. +openstack_network_demo_vxlan: + name: "{{ openstack_network_demo_vxlan_name }}" + project: demo + provider_network_type: "vxlan" + shared: false + # Subnet configuration. + subnets: + - "{{ openstack_subnet_demo_vxlan }}" + +# openstack demo VXLAN subnet. +openstack_subnet_demo_vxlan: + name: "{{ openstack_network_demo_vxlan_name }}" + project: demo + cidr: "10.1.0.0/24" + gateway_ip: "10.1.0.1" + allocation_pool_start: "10.1.0.2" + allocation_pool_end: "10.1.0.254" + +# openstack demo VLAN network name. +openstack_network_demo_vlan_name: "demo-vlan" + +# openstack demo VLAN network. +openstack_network_demo_vlan: + name: "{{ openstack_network_demo_vlan_name }}" + project: demo + provider_network_type: "vlan" + provider_physical_network: "physnet1" + shared: false + # Subnet configuration. + subnets: + - "{{ openstack_subnet_demo_vlan }}" + +# openstack demo VLAN subnet. +openstack_subnet_demo_vlan: + name: "{{ openstack_network_demo_vlan_name }}" + project: demo + cidr: "10.0.0.0/24" + gateway_ip: "10.0.0.1" + allocation_pool_start: "10.0.0.2" + allocation_pool_end: "10.0.0.254" + +# openstack demo provider VLAN network name. +openstack_network_demo_provider_name: "demo-provider" + +# openstack demo provider VLAN +openstack_network_demo_provider: + name: "{{ openstack_network_demo_provider_name }}" + project: demo + provider_network_type: "vlan" + provider_physical_network: "physnet1" + provider_segmentation_id: 100 + shared: false + # Subnet configuration. + subnets: + - "{{ openstack_subnet_demo_provider }}" + +# openstack demo provider VLAN subnet +openstack_subnet_demo_provider: + name: "{{ openstack_network_demo_provider_name }}" + project: demo + cidr: "10.100.0.0/16" + gateway_ip: "10.100.0.1" + allocation_pool_start: "10.100.1.0" + allocation_pool_end: "10.100.99.255" + host_routes: + - destination: "10.66.0.0/16" + nexthop: "10.100.0.2" + +# List of routers in the openstack demo project. Format is as required by the # stackhpc.os-networks role. -#openstack_routers: - -# List of security groups in the openstack project. +openstack_routers: + - "{{ openstack_router_demo }}" + +# openstack demo router. +openstack_router_demo: + - name: demo + project: demo + interfaces: + - "{{ openstack_network_demo_vlan_name }}" + - "{{ openstack_network_demo_vxlan_name }}" + - "{{ openstack_network_demo_provider_name }}" + network: "{{ openstack_network_external_name }}" + +# List of security groups in the openstack demo project. # Format is as required by the stackhpc.os-networks role. -#openstack_security_groups: - -############################################################################### -# Configuration of nova flavors. - -# List of nova flavors in the openstack project. Format is as required by the -# stackhpc.os-flavors role. -#openstack_flavors: - -############################################################################### -# Configuration of nova host aggregates. - -# List of nova host aggregates. Format is as required by the -# stackhpc.os_host_aggregates role. -#openstack_host_aggregates: - -############################################################################### -# Configuration of Glance software images. - -# List of Glance images. Format is as required by the stackhpc.os-images role. -#openstack_images: - -# List of Diskimage Builder (DIB) elements paths to include in image builds. -#openstack_image_elements: - -# List of Diskimage Builder (DIB) elements Git repositories to use in image -# builds. -#openstack_image_git_elements: - -############################################################################### -# Configuration of Magnum container clusters. - -# List of magnum cluster templates. Format is as required by the -# stackhpc.os-container-clusters role. -#openstack_container_clusters_templates: - -############################################################################### -# Dummy variable to allow Ansible to accept this file. -workaround_ansible_issue_8743: yes +openstack_security_groups: + # Default security group for the openstack demo project. + - name: default + project: demo + rules: + # Allow ICMP (for ping, etc.). + - protocol: icmp + # Allow SSH. + - protocol: tcp + port_range_min: 22 + port_range_max: 22 From 23cb0e305424b42a1ba4b577c595e86b8f42a156 Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Tue, 1 Nov 2022 16:06:09 +0000 Subject: [PATCH 2/7] feat: add admin openstack resources --- etc/openstack-config/openstack-config.yml | 157 +++++++++++++++------- 1 file changed, 106 insertions(+), 51 deletions(-) diff --git a/etc/openstack-config/openstack-config.yml b/etc/openstack-config/openstack-config.yml index d67a9e4..e019df0 100644 --- a/etc/openstack-config/openstack-config.yml +++ b/etc/openstack-config/openstack-config.yml @@ -1,4 +1,61 @@ --- +############################################################################### +# Configuration of nova flavors for openstack. + +# List of nova flavors in the openstack demo project. Format is as required by the +# stackhpc.os-flavors role. +openstack_flavors: + - "{{ openstack_flavor_m1_tiny }}" + - "{{ openstack_flavor_m1_small }}" + - "{{ openstack_flavor_m1_medium }}" + - "{{ openstack_flavor_m1_large }}" + - "{{ openstack_flavor_m1_xlarge }}" + +# Virtual machine flavors. +openstack_flavor_m1_tiny: + name: "m1.tiny" + ram: 512 + disk: 1 + vcpus: 1 + +openstack_flavor_m1_small: + name: "m1.small" + ram: 2048 + disk: 20 + vcpus: 1 + +openstack_flavor_m1_medium: + name: "m1.medium" + ram: 4096 + disk: 40 + vcpus: 2 + +openstack_flavor_m1_large: + name: "m1.large" + ram: 8192 + disk: 40 + vcpus: 4 + +openstack_flavor_m1_xlarge: + name: "m1.xlarge" + ram: 16384 + disk: 100 + vcpus: 8 + +openstack_images: + - "{{ openstack_image_cirros_0_6_0 }}" + +openstack_image_cirros_0_6_0: + name: "cirros" + type: qcow2 + image_url: "https://github.com/cirros-dev/cirros/releases/download/0.6.0/cirros-0.6.0-x86_64-disk.img" + is_public: True + properties: + os_type: "linux" + os_distro: "cirros" + os_version: "0.6.0" + hw_rng_model: "virtio" + ############################################################################### # Configuration of networks, subnets and routers for openstack. @@ -6,9 +63,9 @@ # stackhpc.os-networks role. openstack_networks: - "{{ openstack_network_external }}" - - "{{ openstack_network_demo_vxlan }}" - - "{{ openstack_network_demo_vlan }}" - - "{{ openstack_network_demo_provider }}" + - "{{ openstack_network_admin_vxlan }}" + - "{{ openstack_network_admin_vlan }}" + - "{{ openstack_network_admin_provider }}" # openstack external network name. openstack_network_external_name: "external" @@ -35,99 +92,96 @@ openstack_subnet_external: allocation_pool_start: "192.168.38.129" allocation_pool_end: "192.168.38.254" -# openstack demo VXLAN network name. -openstack_network_demo_vxlan_name: "demo-vxlan" +# openstack admin VXLAN network name. +openstack_network_admin_vxlan_name: "admin-vxlan" -# openstack demo VXLAN network. -openstack_network_demo_vxlan: - name: "{{ openstack_network_demo_vxlan_name }}" - project: demo +# openstack admin VXLAN network. +openstack_network_admin_vxlan: + name: "{{ openstack_network_admin_vxlan_name }}" + project: admin provider_network_type: "vxlan" shared: false # Subnet configuration. subnets: - - "{{ openstack_subnet_demo_vxlan }}" + - "{{ openstack_subnet_admin_vxlan }}" -# openstack demo VXLAN subnet. -openstack_subnet_demo_vxlan: - name: "{{ openstack_network_demo_vxlan_name }}" - project: demo +# openstack admin VXLAN subnet. +openstack_subnet_admin_vxlan: + name: "{{ openstack_network_admin_vxlan_name }}" + project: admin cidr: "10.1.0.0/24" gateway_ip: "10.1.0.1" allocation_pool_start: "10.1.0.2" allocation_pool_end: "10.1.0.254" -# openstack demo VLAN network name. -openstack_network_demo_vlan_name: "demo-vlan" +# openstack admin VLAN network name. +openstack_network_admin_vlan_name: "admin-vlan" -# openstack demo VLAN network. -openstack_network_demo_vlan: - name: "{{ openstack_network_demo_vlan_name }}" - project: demo +# openstack admin VLAN network. +openstack_network_admin_vlan: + name: "{{ openstack_network_admin_vlan_name }}" + project: admin provider_network_type: "vlan" provider_physical_network: "physnet1" shared: false # Subnet configuration. subnets: - - "{{ openstack_subnet_demo_vlan }}" + - "{{ openstack_subnet_admin_vlan }}" -# openstack demo VLAN subnet. -openstack_subnet_demo_vlan: - name: "{{ openstack_network_demo_vlan_name }}" - project: demo +# openstack admin VLAN subnet. +openstack_subnet_admin_vlan: + name: "{{ openstack_network_admin_vlan_name }}" + project: admin cidr: "10.0.0.0/24" gateway_ip: "10.0.0.1" allocation_pool_start: "10.0.0.2" allocation_pool_end: "10.0.0.254" -# openstack demo provider VLAN network name. -openstack_network_demo_provider_name: "demo-provider" +# openstack admin provider VLAN network name. +openstack_network_admin_provider_name: "admin-provider" -# openstack demo provider VLAN -openstack_network_demo_provider: - name: "{{ openstack_network_demo_provider_name }}" - project: demo +# openstack admin provider VLAN +openstack_network_admin_provider: + name: "{{ openstack_network_admin_provider_name }}" + project: admin provider_network_type: "vlan" provider_physical_network: "physnet1" provider_segmentation_id: 100 shared: false # Subnet configuration. subnets: - - "{{ openstack_subnet_demo_provider }}" + - "{{ openstack_subnet_admin_provider }}" -# openstack demo provider VLAN subnet -openstack_subnet_demo_provider: - name: "{{ openstack_network_demo_provider_name }}" - project: demo +# openstack admin provider VLAN subnet +openstack_subnet_admin_provider: + name: "{{ openstack_network_admin_provider_name }}" + project: admin cidr: "10.100.0.0/16" gateway_ip: "10.100.0.1" allocation_pool_start: "10.100.1.0" allocation_pool_end: "10.100.99.255" - host_routes: - - destination: "10.66.0.0/16" - nexthop: "10.100.0.2" -# List of routers in the openstack demo project. Format is as required by the +# List of routers in the openstack admin project. Format is as required by the # stackhpc.os-networks role. openstack_routers: - - "{{ openstack_router_demo }}" + - "{{ openstack_router_admin }}" -# openstack demo router. -openstack_router_demo: - - name: demo - project: demo +# openstack admin router. +openstack_router_admin: + - name: admin + project: admin interfaces: - - "{{ openstack_network_demo_vlan_name }}" - - "{{ openstack_network_demo_vxlan_name }}" - - "{{ openstack_network_demo_provider_name }}" + - "{{ openstack_network_admin_vlan_name }}" + - "{{ openstack_network_admin_vxlan_name }}" + - "{{ openstack_network_admin_provider_name }}" network: "{{ openstack_network_external_name }}" -# List of security groups in the openstack demo project. +# List of security groups in the openstack admin project. # Format is as required by the stackhpc.os-networks role. openstack_security_groups: - # Default security group for the openstack demo project. + # Default security group for the openstack admin project. - name: default - project: demo + project: admin rules: # Allow ICMP (for ping, etc.). - protocol: icmp @@ -135,3 +189,4 @@ openstack_security_groups: - protocol: tcp port_range_min: 22 port_range_max: 22 + From 1b3937bb4dd1499b232ae6e7db2a3f79173eeac5 Mon Sep 17 00:00:00 2001 From: Jack Hodgkiss Date: Thu, 3 Nov 2022 12:32:55 +0000 Subject: [PATCH 3/7] fix: change `no_gateway_ip` to true --- etc/openstack-config/openstack-config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/openstack-config/openstack-config.yml b/etc/openstack-config/openstack-config.yml index e019df0..f65a506 100644 --- a/etc/openstack-config/openstack-config.yml +++ b/etc/openstack-config/openstack-config.yml @@ -88,7 +88,7 @@ openstack_subnet_external: name: "{{ openstack_network_external_name }}" project: "admin" cidr: "192.168.38.0/24" - no_gateway_ip: false + no_gateway_ip: true allocation_pool_start: "192.168.38.129" allocation_pool_end: "192.168.38.254" From 1fbe2a8d4f93ea95d94fb749e4348269efa9d9b7 Mon Sep 17 00:00:00 2001 From: Scott Davidson Date: Tue, 10 Jan 2023 14:41:12 +0000 Subject: [PATCH 4/7] Make tenant network generic Rename 'vxlan' -> 'tenant' and avoid setting `provider_network_type` explicitly so that OVS/OVN can choose vxlan/geneve automatically. --- etc/openstack-config/openstack-config.yml | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/etc/openstack-config/openstack-config.yml b/etc/openstack-config/openstack-config.yml index f65a506..7d0f5fa 100644 --- a/etc/openstack-config/openstack-config.yml +++ b/etc/openstack-config/openstack-config.yml @@ -63,7 +63,7 @@ openstack_image_cirros_0_6_0: # stackhpc.os-networks role. openstack_networks: - "{{ openstack_network_external }}" - - "{{ openstack_network_admin_vxlan }}" + - "{{ openstack_network_admin_tenant }}" - "{{ openstack_network_admin_vlan }}" - "{{ openstack_network_admin_provider }}" @@ -92,22 +92,21 @@ openstack_subnet_external: allocation_pool_start: "192.168.38.129" allocation_pool_end: "192.168.38.254" -# openstack admin VXLAN network name. -openstack_network_admin_vxlan_name: "admin-vxlan" +# openstack admin tenant network name. +openstack_network_admin_tenant_name: "admin-tenant" -# openstack admin VXLAN network. -openstack_network_admin_vxlan: - name: "{{ openstack_network_admin_vxlan_name }}" +# openstack admin tenant network. +openstack_network_admin_tenant: + name: "{{ openstack_network_admin_tenant_name }}" project: admin - provider_network_type: "vxlan" shared: false # Subnet configuration. subnets: - - "{{ openstack_subnet_admin_vxlan }}" + - "{{ openstack_subnet_admin_tenant }}" -# openstack admin VXLAN subnet. -openstack_subnet_admin_vxlan: - name: "{{ openstack_network_admin_vxlan_name }}" +# openstack admin tenant subnet. +openstack_subnet_admin_tenant: + name: "{{ openstack_network_admin_tenant_name }}" project: admin cidr: "10.1.0.0/24" gateway_ip: "10.1.0.1" @@ -172,7 +171,7 @@ openstack_router_admin: project: admin interfaces: - "{{ openstack_network_admin_vlan_name }}" - - "{{ openstack_network_admin_vxlan_name }}" + - "{{ openstack_network_admin_tenant_name }}" - "{{ openstack_network_admin_provider_name }}" network: "{{ openstack_network_external_name }}" From ee98530e2c2168698f9339e6d06925741b48f883 Mon Sep 17 00:00:00 2001 From: Alex-Welsh Date: Tue, 28 Feb 2023 14:06:29 +0000 Subject: [PATCH 5/7] fix vm connectivity --- etc/openstack-config/openstack-config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/openstack-config/openstack-config.yml b/etc/openstack-config/openstack-config.yml index 7d0f5fa..1d04ff1 100644 --- a/etc/openstack-config/openstack-config.yml +++ b/etc/openstack-config/openstack-config.yml @@ -88,7 +88,7 @@ openstack_subnet_external: name: "{{ openstack_network_external_name }}" project: "admin" cidr: "192.168.38.0/24" - no_gateway_ip: true + gateway_ip: "192.168.38.3" allocation_pool_start: "192.168.38.129" allocation_pool_end: "192.168.38.254" From 3413ea3dfaf8f2d142a8e7c0bd2c2ffee8f8b61d Mon Sep 17 00:00:00 2001 From: Alex-Welsh Date: Thu, 3 Apr 2025 11:53:00 +0100 Subject: [PATCH 6/7] Bump stackhpc.openstack collection This fixes a parsing error that requires loop labels to be strings which is raised from ansible-core 2.15 onwards --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index c58c0ae..28620f3 100644 --- a/requirements.yml +++ b/requirements.yml @@ -3,4 +3,4 @@ collections: - name: openstack.cloud version: 2.4.1 - name: stackhpc.openstack - version: 0.2.4 + version: 0.4.1 From 1ad651b0b26dd083e6ebf0d1f705e6376d658318 Mon Sep 17 00:00:00 2001 From: Alex-Welsh Date: Wed, 14 May 2025 12:59:25 +0100 Subject: [PATCH 7/7] Install EPEL when using os_images --- ansible/group_vars/all/os_images | 4 ++++ requirements.yml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) create mode 100644 ansible/group_vars/all/os_images diff --git a/ansible/group_vars/all/os_images b/ansible/group_vars/all/os_images new file mode 100644 index 0000000..1ff861f --- /dev/null +++ b/ansible/group_vars/all/os_images @@ -0,0 +1,4 @@ +--- +# Whether to enable the CRB repository and install the EPEL repository before +# installing packages. Default is false +os_images_install_epel_repo: true diff --git a/requirements.yml b/requirements.yml index 28620f3..2ff41fe 100644 --- a/requirements.yml +++ b/requirements.yml @@ -3,4 +3,4 @@ collections: - name: openstack.cloud version: 2.4.1 - name: stackhpc.openstack - version: 0.4.1 + version: 0.5.3