From 37561cc1f7fa729f87368bfd46706fa4b57e52e8 Mon Sep 17 00:00:00 2001
From: Harm Weites <harm@weites.com>
Date: Tue, 21 Jul 2015 21:57:44 +0200
Subject: [PATCH] Vagrantfile and docs
With Vagrant it becomes real easy to create a dev environment to
test and checkout $code. The focus is specifically on setting up
an environment to play around in, developing Kolla and showing
what it is capable of in a clean virtualised environment. When
done, the environment can be destroy and re-created at will when
needed.
Change-Id: I440d004e76c337f298cad2397cf4c13f2cc35ddb
Implements: blueprint vagrant-devenv
---
docs/vagrant.md | 81 ++++++++++++++++++++++++++++
vagrant/Vagrantfile | 91 +++++++++++++++++++++++++++++++
vagrant/bootstrap.sh | 124 +++++++++++++++++++++++++++++++++++++++++++
3 files changed, 296 insertions(+)
create mode 100644 docs/vagrant.md
create mode 100644 vagrant/Vagrantfile
create mode 100644 vagrant/bootstrap.sh
diff --git a/docs/vagrant.md b/docs/vagrant.md
new file mode 100644
index 0000000000..c4e8ac80f4
--- /dev/null
+++ b/docs/vagrant.md
@@ -0,0 +1,81 @@
+Vagrant up!
+============================
+
+This guide describes how to use [Vagrant][] to assist in developing for Kolla.
+
+Vagrant is a tool to assist in scripted creation of virtual machines, it will
+take care of setting up a CentOS-based cluster of virtual machines, each with
+proper hardware like memory amount and number of network interfaces.
+
+[Vagrant]: http://vagrantup.com
+
+
+Getting Started
+---------------
+
+The vagrant setup will build a cluster with the following nodes:
+
+- 3 support nodes
+- 1 compute node
+- 1 operator node
+
+Kolla runs from the operator node to deploy OpenStack on the other nodes.
+
+All nodes are connected with each other on the secondary nic, the primary nic
+is behind a NAT interface for connecting with the internet. A third nic is
+connected without IP configuration to a public bridge interface. This may be
+used for Neutron/Nova to connect to instances.
+
+Start with downloading and installing the Vagrant package for your distro of
+choice. Various downloads can be found [here][]. After we will install the
+hostmanager plugin so all hosts are recorded in /etc/hosts (inside each vm):
+
+ vagrant plugin install vagrant-hostmanager
+
+Vagrant supports a wide range of virtualization technologies, of which we will
+use VirtualBox for now.
+
+Find some place in your homedir and checkout the Kolla repo
+
+ git clone https://github.com/stackforge/kolla.git ~/dev/kolla
+
+You can now tweak the Vagrantfile or start a CentOS7-based cluster right away:
+
+ cd ~/dev/kolla/vagrant && vagrant up
+
+The command `vagrant up` will build your cluster, `vagrant status` will give
+you a quick overview once done.
+
+[here]: https://www.vagrantup.com/downloads.html
+
+Vagrant Up
+---------
+
+Once vagrant has completed deploying all nodes, we can focus on launching Kolla.
+First, connect with the _operator_ node:
+
+ vagrant ssh operator
+
+Once connected you can run a simple Ansible-style ping to verify if the cluster is operable:
+
+ ansible -i kolla/ansible/inventory/multinode all -m ping -e ansible_ssh_user=root
+
+Congratulations, your cluster is usable and you can start deploying OpenStack using Ansible!
+
+To speed things up, there is a local registry running on the operator. All nodes are configured
+so they can use this insecure repo to pull from, and they will use it as mirror. Ansible may
+use this registry to pull images from.
+
+All nodes have a local folder shared between the group and the hypervisor, and a folder shared
+between _all_ nodes and the hypervisor. This mapping is lost after reboots, so make sure you use
+the command `vagrant reload <node>` when reboots are required. Having this shared folder you
+have a method to supply a different docker binary to the cluster. The shared folder is also
+used to store the docker-registry files, so they are save from destructive operations like
+`vagrant destroy`.
+
+Further Reading
+---------------
+
+All Vagrant documentation can be found on their [website][].
+
+[website]: http://docs.vagrantup.com
diff --git a/vagrant/Vagrantfile b/vagrant/Vagrantfile
new file mode 100644
index 0000000000..9a62ffbb0f
--- /dev/null
+++ b/vagrant/Vagrantfile
@@ -0,0 +1,91 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# Configure a new SSH key and config so the operator is able to connect with
+# the other cluster nodes.
+if not File.file?("./vagrantkey")
+ system("ssh-keygen -f ./vagrantkey -N '' -C this-is-vagrant")
+end
+
+Vagrant.configure(2) do |config|
+ # The base image to use
+ # TODO (harmw): something more close to vanilla would be nice, someday.
+ config.vm.box = "puppetlabs/centos-7.0-64-puppet"
+
+ # Next to the hostonly NAT-network there is a host-only network with all
+ # nodes attached. Plus, each node receives a 3rd adapter connected to the
+ # outside public network.
+ # TODO (harmw): see if there is a way to automate the selection of the bridge
+ # interface.
+ config.vm.network "private_network", type: "dhcp"
+ config.vm.network "public_network", ip: "0.0.0.0", bridge: "wlp3s0b1"
+
+ my_privatekey = File.read(File.join(File.dirname(__FILE__), "vagrantkey"))
+ my_publickey = File.read(File.join(File.dirname(__FILE__), "vagrantkey.pub"))
+
+ # TODO (harmw): This is slightly difficult to read.
+ config.vm.provision :shell, :inline => "mkdir -p /root/.ssh && echo '#{my_privatekey}' > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa"
+ config.vm.provision :shell, :inline => "echo '#{my_publickey}' > /root/.ssh/authorized_keys && chmod 600 /root/.ssh/authorized_keys"
+ config.vm.provision :shell, :inline => "mkdir -p /home/vagrant/.ssh && echo '#{my_privatekey}' >> /home/vagrant/.ssh/id_rsa && chmod 600 /home/vagrant/.ssh/*"
+ config.vm.provision :shell, :inline => "echo 'Host *' > ~vagrant/.ssh/config"
+ config.vm.provision :shell, :inline => "echo StrictHostKeyChecking no >> ~vagrant/.ssh/config"
+ config.vm.provision :shell, :inline => "chown -R vagrant: /home/vagrant/.ssh"
+
+ config.hostmanager.enabled = true
+ config.hostmanager.ip_resolver = proc do |vm, resolving_vm|
+ if vm.id
+ `VBoxManage guestproperty get #{vm.id} "/VirtualBox/GuestInfo/Net/1/V4/IP"`.split()[1]
+ end
+ end
+
+ # The operator controls the deployment
+ config.vm.define "operator" do |admin|
+ admin.vm.hostname = "operator.local"
+ admin.vm.provision :shell, path: "bootstrap.sh", args: "operator"
+ admin.vm.synced_folder "storage/operator/", "/data/host", create:"True"
+ admin.vm.synced_folder "storage/shared/", "/data/shared", create:"True"
+ admin.vm.synced_folder ".", "/vagrant", disabled: true
+ admin.vm.provider "virtualbox" do |vb|
+ vb.memory = 1024
+ end
+ admin.hostmanager.aliases = "operator"
+ end
+
+ # Build compute nodes
+ (1..1).each do |i|
+ config.vm.define "compute0#{i}" do |compute|
+ compute.vm.hostname = "compute0#{i}.local"
+ compute.vm.provision :shell, path: "bootstrap.sh"
+ compute.vm.synced_folder "storage/compute/", "/data/host", create:"True"
+ compute.vm.synced_folder "storage/shared/", "/data/shared", create:"True"
+ compute.vm.synced_folder ".", "/vagrant", disabled: true
+ compute.vm.provider "virtualbox" do |vb|
+ vb.memory = 1024
+ end
+ compute.hostmanager.aliases = "compute0#{i}"
+ end
+ end
+
+ # Build support nodes
+ (1..3).each do |i|
+ config.vm.define "support0#{i}" do |support|
+ support.vm.hostname = "support0#{i}.local"
+ support.vm.provision :shell, path: "bootstrap.sh"
+ support.vm.synced_folder "storage/support/", "/data/host", create:"True"
+ support.vm.synced_folder "storage/shared/", "/data/shared", create:"True"
+ support.vm.synced_folder ".", "/vagrant", disabled: true
+ support.vm.provider "virtualbox" do |vb|
+ vb.memory = 2048
+ end
+ support.hostmanager.aliases = "support0#{i}"
+
+ # TODO: Here we bind local port 8080 to Horizon on support01 only.
+ # TODO: Once we implement Horizon behind a VIP, this obviously needs to
+ # be changed.
+ #if i < 2 then
+ # config.vm.network "forwarded_port", guest: 80, host: 8080
+ #end
+ end
+ end
+
+end
diff --git a/vagrant/bootstrap.sh b/vagrant/bootstrap.sh
new file mode 100644
index 0000000000..4a975198c2
--- /dev/null
+++ b/vagrant/bootstrap.sh
@@ -0,0 +1,124 @@
+#!/usr/bin/env bash
+#
+# Bootstrap script to configure all nodes.
+#
+
+export http_proxy=
+export https_proxy=
+
+# Install common packages and do some prepwork.
+function prepwork {
+ systemctl stop firewalld
+ systemctl disable firewalld
+
+ # This removes the fqdn from /etc/hosts's 127.0.0.1. This name.local will
+ # resolve to the public IP instead of localhost.
+ sed -i -r "s/^(127\.0\.0\.1\s+)(.*) `hostname` (.+)/\1 \3/" /etc/hosts
+
+ yum install -y http://mirror.nl.leaseweb.net/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
+ yum install -y MySQL-python vim-enhanced python-pip python-devel gcc openssl-devel libffi-devel libxml2-devel libxslt-devel && yum clean all
+ pip install --upgrade docker-py shade
+}
+
+# Install and configure a quick&dirty docker daemon.
+function installdocker {
+ # Allow for an externally supplied docker binary.
+ if [ -f "/data/docker" ]; then
+ cp /vagrant/docker /usr/bin/docker
+ chmod +x /usr/bin/docker
+ else
+ cat >/etc/yum.repos.d/docker.repo <<-EOF
+[dockerrepo]
+name=Docker Repository
+baseurl=https://yum.dockerproject.org/repo/main/centos/7
+enabled=1
+gpgcheck=1
+gpgkey=https://yum.dockerproject.org/gpg
+EOF
+ # Also upgrade device-mapper here because of:
+ # https://github.com/docker/docker/issues/12108
+ yum install -y docker-engine device-mapper
+
+ # Despite it shipping with /etc/sysconfig/docker, Docker is not configured to
+ # load it from it's service file.
+ sed -i -r 's,(ExecStart)=(.+),\1=\2 --insecure-registry operator.local:5000 --registry-mirror=http://operator.local:5000,' /usr/lib/systemd/system/docker.service
+
+ systemctl daemon-reload
+ systemctl enable docker
+ systemctl start docker
+ fi
+
+ usermod -aG docker vagrant
+}
+
+# Configure the operator node and install some additional packages.
+function configureoperator {
+ yum install -y git mariadb && yum clean all
+ pip install --upgrade ansible python-openstackclient
+
+ if [ ! -d ~vagrant/kolla ]; then
+ su - vagrant sh -c "https_proxy=$https_proxy git clone https://github.com/stackforge/kolla.git ~/kolla"
+ pip install -r ~vagrant/kolla/requirements.txt
+ fi
+
+ # Note: this trickery requires a patched docker binary.
+ if [ "$http_proxy" = "" ]; then
+ su - vagrant sh -c "echo BUILDFLAGS=\\\"--build-env=http_proxy=$http_proxy --build-env=https_proxy=$https_proxy\\\" > ~/kolla/.buildconf"
+ fi
+
+ ln -sf ~vagrant/kolla/etc/kolla/ /etc/kolla
+ ln -sf ~vagrant/kolla/etc/kolla/ /usr/share/kolla
+
+ # Make sure Ansible uses scp.
+ cat > ~vagrant/.ansible.cfg <<EOF
+[defaults]
+forks=100
+
+[ssh_connection]
+scp_if_ssh=True
+EOF
+ chown vagrant: ~vagrant/.ansible.cfg
+
+ # The openrc file.
+ cat > ~vagrant/openrc <<EOF
+export OS_AUTH_URL="http://support01.local:35357/v2.0"
+export OS_USERNAME=admin
+export OS_PASSWORD=password
+export OS_TENANT_NAME=admin
+export OS_VOLUME_API_VERSION=2
+EOF
+
+ # Quick&dirty helper script to push images to the local registry's lokolla
+ # namespace.
+ cat > ~vagrant/tag-and-push.sh <<EOF
+for image in \$(docker images|awk '/^kollaglue/ {print \$1}'); do
+ docker tag \$image operator.local:5000/lokolla/\${image#kollaglue/}:latest
+ docker push operator.local:5000/lokolla/\${image#kollaglue/}:latest
+done
+EOF
+ chmod +x ~vagrant/tag-and-push.sh
+
+ chown vagrant: ~vagrant/openrc ~vagrant/tag-and-push.sh
+
+ # Launch a local registry (and mirror) to speed up pulling images.
+ # 0.9.1 is actually the _latest_ tag.
+ if [[ ! $(docker ps -a -q -f name=registry) ]]; then
+ docker run -d \
+ --name registry \
+ --restart=always \
+ -p 5000:5000 \
+ -e STANDALONE=True \
+ -e MIRROR_SOURCE=https://registry-1.docker.io \
+ -e MIRROR_SOURCE_INDEX=https://index.docker.io \
+ -e STORAGE_PATH=/var/lib/registry \
+ -v /data/host/registry-storage:/var/lib/registry \
+ registry:0.9.1
+ fi
+}
+
+prepwork
+installdocker
+
+if [ "$1" = "operator" ]; then
+ configureoperator
+fi