-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathmecha-az0.yaml
144 lines (144 loc) · 7.14 KB
/
mecha-az0.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
clouddomain: ci.vexxhost.ca
manila_enabled: true
ceph_devices:
# 894.3 GiB total for Cinder and Manila
- /dev/disk/by-path/pci-0000:45:00.0-ata-3 # 894.3 GiB
# https://bugzilla.redhat.com/show_bug.cgi?id=2235819
# https://support.vexxhost.com/hc/en-us/requests/364632
# https://support.vexxhost.com/hc/en-us/requests/364694
# This is because the system see the disks as removable and Ceph
# will refuse to use them.
ceph_devices_to_lvm: true
ephemeral_storage_devices:
# 1.1 TiB total for Nova instances
- /dev/disk/by-path/pci-0000:45:00.0-ata-2 # 223.6 GiB
- /dev/disk/by-path/pci-0000:45:00.0-ata-4 # 894.3 GiB
swiftoperator_enabled: false
rhsm_enabled: true
enabled_services:
- /usr/share/openstack-tripleo-heat-templates/environments/disable-swift.yaml
# OpenStack API runnings under WSGI have a common function to calculate the number of workers:
# The value for os_workers is max between '(<# processors> / 2)' and '2' with
# a cap of 12.
# https://opendev.org/openstack/puppet-openstacklib/src/commit/495701901eabb24d28f2a2276275e1c1537133c1/lib/facter/os_workers.rb#L37-L38
# On vexxhost machines, we have 96 cores, so each API can create up to 12 workers.
# This has been problematic for us when deploying OpenShift with Kuryr which
# consumes a lot of load balancers and Octavia is using more than half of the RAM available on the host
# so we decided to reduce the number of workers to reduce the amount of RAM that will be consumed.
standalone_extra_config:
# This stopped working for some reason, we need to debug
octavia::wsgi::apache:workers: 4
neutron_bridge_mappings: hostonly:br-hostonly,external:br-ex
neutron_flat_networks: hostonly,external
hostonly_v6_cidr: "fd2e:6f44:5dd8:c956::/64"
neutron_mtu: 1450
ctlplane_mtu: 1500
hostonly_mtu: 1500
public_mtu: 1500
extra_heat_params:
CinderRbdFlattenVolumeFromSnapshot: true
ExtraFirewallRules:
'168 allow squid':
dport: 3128
proto: tcp
action: insert
'169 allow openstack-proxy':
dport: 13001
proto: tcp
action: insert
'170 allow dnsmasq':
dport: 53
proto: udp
action: insert
# Turn off debug
Debug: false
# But restore debug for the services we care about
CinderDebug: true
GlanceDebug: true
KeystoneDebug: true
NeutronDebug: true
NovaDebug: true
ManilaDebug: true
OctaviaDebug: true
network_config:
- type: ovs_bridge
name: br-ctlplane
use_dhcp: false
ovs_extra:
- br-set-external-id br-ctlplane bridge-id br-ctlplane
addresses:
- ip_netmask: 192.168.24.1/24
members:
- type: interface
name: dummy0
nm_controlled: true
mtu: 1500
- type: ovs_bridge
name: br-hostonly
use_dhcp: false
ovs_extra:
- br-set-external-id br-hostonly bridge-id br-hostonly
addresses:
- ip_netmask: 192.168.25.1/24
- ip_netmask: fd2e:6f44:5dd8:c956::1/64
members:
- type: interface
name: dummy1
nm_controlled: true
mtu: 1500
post_install: |
sudo dnf install -y wget
export OS_CLOUD=standalone
openstack network set --name external hostonly
openstack subnet set --name external-subnet hostonly-subnet
openstack subnet set --name external-subnet-v6 hostonly-subnet-v6
openstack subnet set --dns-nameserver fd2e:6f44:5dd8:c956::1 external-subnet-v6
openstack router create --project openshift --tag shiftstack-prune=keep dualstack
openstack network create --project openshift --tag shiftstack-prune=keep slaac-network-v6
openstack subnet create slaac-v6 --project openshift --tag shiftstack-prune=keep --subnet-range 2001:db8:2222:5555::/64 --network slaac-network-v6 --ip-version 6 --ipv6-ra-mode slaac --ipv6-address-mode slaac
openstack subnet create slaac-v4 --project openshift --tag shiftstack-prune=keep --subnet-range 10.197.0.0/16 --network slaac-network-v6
openstack router add subnet dualstack slaac-v6
openstack router add subnet dualstack slaac-v4
openstack router set --external-gateway external dualstack
openstack network create --external --provider-physical-network external --provider-network-type flat external-proxy
openstack subnet create external-proxy-subnet --network external-proxy --subnet-range 38.102.83.0/24 --no-dhcp --gateway 38.102.83.1 --allocation-pool "start=38.102.83.242,end=38.102.83.242" --allocation-pool "start=38.102.83.229,end=38.102.83.229" --allocation-pool "start=38.102.83.149,end=38.102.83.149" --allocation-pool "start=38.102.83.208,end=38.102.83.208" --allocation-pool "start=38.102.83.31,end=38.102.83.31"
openstack image show centos9-stream || wget https://cloud.centos.org/centos/9-stream/x86_64/images/CentOS-Stream-GenericCloud-9-latest.x86_64.qcow2 && openstack image create --public --disk-format qcow2 --file CentOS-Stream-GenericCloud-9-latest.x86_64.qcow2 centos9-stream && rm -f CentOS-Stream-GenericCloud-9-latest.x86_64.qcow2
openstack flavor create --ram 16384 --disk 40 --vcpu 4 --ephemeral 10 --public m1.xlarge.2
openstack quota set --cores 120 --fixed-ips -1 --injected-file-size -1 --injected-files -1 --instances -1 --key-pairs -1 --properties -1 --ram 450000 --gigabytes 4000 --server-groups -1 --server-group-members -1 --backups -1 --backup-gigabytes -1 --per-volume-gigabytes -1 --snapshots -1 --volumes -1 --floating-ips 80 --secgroup-rules -1 --secgroups -1 --networks -1 --subnets -1 --ports -1 --routers -1 --rbac-policies -1 --subnetpools -1 openshift
sudo podman create --net=host --name=squid --volume /home/stack/squid/squid.conf:/etc/squid/squid.conf:z --volume /home/stack/squid/htpasswd:/etc/squid/htpasswd:z quay.io/emilien/squid:latest
sudo podman generate systemd --name squid | sudo tee -a /etc/systemd/system/container-squid.service
sudo systemctl enable --now container-squid
sudo wget -O /usr/sbin/openstack-proxy https://github.com/pierreprinetti/openstack-proxy/releases/download/v2.1.1/openstack-proxy
sudo chmod +x /usr/sbin/openstack-proxy
sudo tee /etc/systemd/system/openstack-proxy.service << EOF > /dev/null
[Unit]
Description=openstack-proxy service
After=network-online.target
[Service]
ExecStart=/usr/sbin/openstack-proxy --url https://[fd2e:6f44:5dd8:c956::1]:13001 --cert /etc/pki/tls/private/overcloud_endpoint.pem --key /etc/pki/tls/private/overcloud_endpoint.pem
Environment="OS_CLOUD=openstack" "OS_CLIENT_CONFIG_FILE=/home/stack/.config/openstack/clouds.yaml"
[Install]
WantedBy=multi-user.target
EOF
sudo systemctl daemon-reload
sudo systemctl enable --now openstack-proxy
sudo dnf install -y dnsmasq
sudo tee /etc/dnsmasq.conf << EOF > /dev/null
port=53
user=dnsmasq
group=dnsmasq
bind-interfaces
interface=br-hostonly
EOF
sudo systemctl enable --now dnsmasq
git clone https://github.com/shiftstack/shiftstack-ci
cd shiftstack-ci
export OS_CLOUD=openshift
./refresh_rhcos.sh -b 4.17
openstack image set --name rhcos-4.17-hcp-nodepool --tag shiftstack-prune=keep rhcos-4.17
./refresh_rhcos.sh -b 4.18
openstack image set --name rhcos-4.18-hcp-nodepool --tag shiftstack-prune=keep rhcos-4.18
./refresh_rhcos.sh -b 4.19
openstack image set --name rhcos-4.19-hcp-nodepool --tag shiftstack-prune=keep rhcos-4.19
./refresh_rhcos.sh -b 4.19
openstack image set --name rhcos-latest-hcp-nodepool --tag shiftstack-prune=keep rhcos-4.19