stackforge/tripleo-ansible
Code Issues Proposed changes
tripleo-ansible/README.rst
Julia Kreger 06fa192e91 CORE-1279 Adding controllerMgmt support 
This commit adds the additional services and ansible plays to update
the controllermgmt node.

Change-Id: If7257cc90f583e6dfe26186271f9b45ef160b833
2014-08-21 15:43:24 -04:00

119 lines
6.1 KiB
ReStructuredText
Raw Blame History

Using Ansible to update images
==============================
This is a new approach to updating an in-place TripleO cloud with new
images. We have chosen Ansible as it allows fine grained control of
the work-flow without requiring one to write any idempotent bash or
python. There are components that are bash or python scripts, and we are
working hard not to replace the whole of TripleO with Ansible, but just
the pieces that make updates more complicated than they need to be.
In general this update process works in the following manner:
* Gather inventory and facts about the deployed cloud from Heat and Nova
* Quiesce the cloud by shutting down all OpenStack services on
appropriate nodes
* Nova-Rebuild nodes using requested image ids
* Disable os-collect-config polling of Heat
* Push Metadata from Heat to rebuilt nodes using Ansible and manually
trigger os-collect-config
* Start OpenStack services
Installing Ansible
------------------
Please see the `ansible` element in `tripleo-image-elements`
The following patches are required for operation:
* Allow using non-default collectors (openstack/os-collect-config)
- https://review.openstack.org/#/c/114116/2 - This is a bugfix for
os-collect-config.
* Add nova metadata for group (openstack/tripleo-heat-templates) -
https://review.openstack.org/#/c/113358/2 - This heat template update
labels instances such that the ansible tools can group the instances
into groups to facilitate the updates.
* Make signal_transport a parameter (openstack/tripleo-heat-templates)
- https://review.openstack.org/#/c/113408/2 - Parameterizes
signal_transport to allow updates to occur other than via Heat.
* Element to restore ssh keys from
/mnt/state (openstack/tripleo-image-elements) -
https://review.openstack.org/#/c/114360/ - This includes a new image
element, named restore-ssh-host-keys, which is intended to restore host
keys preserved by the ansible scripts after a reboot.
* Addition of basic ansible install - (gozer: hp/tripleo-ansible)
https://review.hpcloud.net/#/c/37333/ - This includes a new
image element, named ansible, installs v1.7.0 of ansible to
/opt/stack/venvs/ansible/, and places symlinks for ansible and
ansible-playbook to /usr/local/bin to allow for easy program execution.
* Add tripleo-ansible to /opt/stack - (gozer: hp/tripleo-ansible)
https://review.hpcloud.net/#/c/37341 - This includes a new image element,
named tripleo-ansible, which can be included in seed and undercloud
image builds to allow the tripleo-ansible tools to be automatically
deployed for use.
The following patches are HIGHLY recommended:
* Allow rebuild of node in ERROR and DEPLOYFAIL state -
(openstack/ironic) https://review.openstack.org/#/c/114281/3 It should
be noted that the upstream PTL has seen it and while it lacks tests so
can't land right now, it is acceptable to upstream at an existential
level.
Running the updates
-------------------
You will want to set your environment variables to the appropriate
values for the following: OS_AUTH_URL, OS_USERNAME, OS_PASSWORD, and
OS_TENANT_NAME
source /root/stackrc
Your new images will need to be uploaded to glance, such that an instance
can be booted from them, and the image ID will need to be provided to
the playbook as an argument.
You can obtain the ID with the `glance image-list` command, and then
set them to be passed into ansible as arguments.
glance image-list
You will now want to utilize the image ID values observed in the previous
step, and execute the ansible-playbook command with the appropriate values
subsituted into place. Current variables for passing the image variables
in are nova_compute_rebuild_image_id and controller_rebuild_image_id
which are passed into the chained playbook.
ansible-playbook -vvvv -u heat-admin -M library/cloud -i plugins/inventory/heat.py -e nova_compute_rebuild_image_id=1ae9fe6e-c0cc-4f62-8e2b-1d382b20fdcb -e controller_rebuild_image_id=2432dd37-a072-463d-ab86-0861bb5f36cc -e controllermgmt_rebuild_image_id=2432dd37-a072-463d-ab86-0861bb5f36cc -e swift_storage_rebuild_image_id=2432dd37-a072-463d-ab86-0861bb5f36cc playbooks/update_cloud.yml
Below, we break down the above command so you can see what each part does:
* -vvvv - Make Ansible very verbose.
* -u heat-admin - Utilize the heat-admin user to connect to the remote machine.
* -M library/cloud - Sets the module location so the modules load for the playbooks to execute.
* -i plugins/inventory/heat.py - Sets the inventory plugin.
* -e nova_compute_rebuild_image_id=1ae9fe6e-c0cc-4f62-8e2b-1d382b20fdcb - Sets the compute node image ID.
* -e controller_rebuild_image_id=2432dd37-a072-463d-ab86-0861bb5f36cc - Sets the controller node image ID.
* -e controllermgmt_rebuild_image_id=2432dd37-a072-463d-ab86-0861bb5f36cc - Sets the storage node image ID.
* -e swift_storage_rebuild_image_id=2432dd37-a072-463d-ab86-0861bb5f36cc - Sets the storage node image ID.
* playbooks/update_cloud.yml is the path and file name to the ansible playbook that will be utilized.
Upon a successful completion, ansible will print a summary report:
PLAY RECAP ********************************************************************
192.0.2.24 : ok=18 changed=9 unreachable=0 failed=0
192.0.2.25 : ok=19 changed=9 unreachable=0 failed=0
192.0.2.26 : ok=18 changed=8 unreachable=0 failed=0
Additionally:
As ansible utilizes SSH, you may encounter ssh key errors if the IP
address has been re-used. The fact that SSH keys aren't preserved is a
defect that is being addressed. In order to avoid problems while this
defect is being fixed, you will want to set an environment variable of
"ANSIBLE_HOST_KEY_CHECKING=False", example below.
ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -vvvv -M library/cloud -i plugins/inventory/heat.py -e controller_rebuild_image_id=4bee1a0a-2670-48e4-a3a4-17da6be795cb -e nova_compute_rebuild_image_id=bd20e098-0753-4dc8-8dba-2f739c01ee65 -u heat-admin playbooks/update_cloud.yml
For more information about Ansible, please refer to the documentation at http://docs.ansible.com/
View Git Blame Copy Permalink