OpenStack Cloud Computing Cookbook
http://www.openstackcookbook.com/
Installing Rackspace Private Cloud using Chef Cookbooks
February 4, 2014
What It Does
In this recipe we show you how to install Rackspace Private Cloud on 3 servers: 2 Controllers in HA and a Compute host.
Getting Ready
You will need
- a Chef server installed and configured
- 3 Servers (virtual or physical) running Ubuntu 12.04
Ensure you are on a client or server that has the Chef client tooling (knife) installed and configured to use your Chef Server.
How to do it…
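#!/usr/bin/env bash
set -e
# NOTE: set -v echoes every source line as it is read, so any secret typed
# literally into this file ends up on the terminal and in captured logs.
# Supplying secrets through the environment (see below) keeps them out of it.
set -v
set -u

# This is a crude script which will deploy an openstack HA environment
# YOU have to populate the IP addresses for Controller 1 and 2 as well as
# The IP addresses for your compute nodes. Additionally you will need to
# Populate the VIP_PREFIX with the first three octets of your VIP addresses.
# You should run this script on the node that will become controller 1.
#
# Secrets: the literal values from the original article are kept only as
# fallbacks so the script still runs unchanged. They are published defaults;
# export RMQ_PW, CHEF_WEBUI_PW and KEYSTONE_PW with real values before running
# this anywhere that matters. The values are interpolated raw into Ruby and
# JSON files, so they must not contain double quotes or backslashes.

# Rabbit Password
RMQ_PW="${RMQ_PW:-Passw0rd}"

# Chef Server web UI admin password
CHEF_WEBUI_PW="${CHEF_WEBUI_PW:-THISisAdefaultPASSWORD}"

# Password given to the keystone admin, demo and demo2 users
KEYSTONE_PW="${KEYSTONE_PW:-secrete}"

# Rabbit IP address, this should be the host ip which is on
# the same network used by your management network
RMQ_IP="10.51.50.1"

# Set the cookbook version that we will upload to chef
# NOTE: this is a git tag, which upstream can move; record the commit it
# resolves to if you need a reproducible deployment.
COOKBOOK_VERSION="v4.2.1"

# SET THE NODE IP ADDRESSES
CONTROLLER1="10.51.50.1"
CONTROLLER2="10.51.50.2"

# ADD ALL OF THE COMPUTE NODE IP ADDRESSES, SPACE SEPARATED.
COMPUTE_NODES="10.51.50.3 10.51.50.4"

# This is the VIP prefix, IE the beginning of your IP addresses for all your VIPS.
# Note, This makes a lot of assumptions for your VIPS.
# The environment use .154, .155, .156 for your HA VIPS.
VIP_PREFIX="10.51.50"

# Private scratch directory for downloads and generated helper scripts.
# The script runs as root; fixed names under /tmp can be pre-created or
# symlinked by any local user, so everything temporary goes in here instead.
WORK_DIR="$(mktemp -d)"
trap 'rm -rf -- "${WORK_DIR}"' EXIT

# Make the system key used for bootstrapping self and others.
# NOTE: this is a passphrase-less root key that is then authorised on every
# node, so whoever can read /root/.ssh/id_rsa on this host is root everywhere.
if [ ! -f "/root/.ssh/id_rsa" ]; then
  ssh-keygen -t rsa -f /root/.ssh/id_rsa -N ''
  pushd /root/.ssh/
  cat id_rsa.pub | tee -a authorized_keys
  popd
fi

# COMPUTE_NODES is a space separated list and is split on purpose.
# shellcheck disable=SC2086
for node in "${CONTROLLER1}" "${CONTROLLER2}" ${COMPUTE_NODES}; do
  ssh-copy-id "${node}"
done

apt-get update
apt-get install -y python-dev python-pip git erlang erlang-nox erlang-dev curl lvm2

# NOTE(review): this installs whatever is at the tip of a personal GitHub
# repository, as root, and the package is not referenced again in this script.
# Pin it to a reviewed commit (git+https://...@<COMMIT_SHA>) or drop the line.
pip install git+https://github.com/cloudnull/mungerator

# HTTPS so that the signing key and the package cannot be swapped in transit.
RABBIT_URL="https://www.rabbitmq.com"

# (Re)creates the /chef vhost and the chef user that Chef Server will use.
# Globals: RMQ_PW (read)
function rabbit_setup() {
  if ! rabbitmqctl list_vhosts | grep -qw '/chef'; then
    rabbitmqctl add_vhost /chef
  fi

  # Drop any existing chef user so the password below always takes effect.
  if rabbitmqctl list_users | grep -qw 'chef'; then
    rabbitmqctl delete_user chef
  fi

  # NOTE: the password is passed on the command line and is visible in the
  # process list while rabbitmqctl runs.
  rabbitmqctl add_user chef "${RMQ_PW}"
  rabbitmqctl set_permissions -p /chef chef '.*' '.*' '.*'
}

# Downloads and installs RabbitMQ and Chef Server, then configures RabbitMQ.
# Globals: RABBIT_URL (read), WORK_DIR (read)
function install_apt_packages() {
  local rabbitmq_key="${RABBIT_URL}/rabbitmq-signing-key-public.asc"
  wget -O "${WORK_DIR}/rabbitmq.asc" "${rabbitmq_key}"
  apt-key add "${WORK_DIR}/rabbitmq.asc"

  # NOTE: dpkg -i does not consult the key added above; the only protection
  # for these two packages is the TLS connection. Compare them against a
  # checksum obtained out of band if you need more than that.
  local rabbitmq_deb="${RABBIT_URL}/releases/rabbitmq-server/v3.1.5/rabbitmq-server_3.1.5-1_all.deb"
  wget -O "${WORK_DIR}/rabbitmq.deb" "${rabbitmq_deb}"
  dpkg -i "${WORK_DIR}/rabbitmq.deb"

  rabbit_setup

  local chef_server_package_url="https://www.opscode.com/chef/download-server?p=ubuntu&pv=12.04&m=x86_64"
  wget -O "${WORK_DIR}/chef_server.deb" "${chef_server_package_url}"
  dpkg -i "${WORK_DIR}/chef_server.deb"
}

# Creates a 1 GB swap file and sets vm.swappiness to 60 when the host has no
# swap configured. The two helper scripts are generated on every call but are
# only executed when no swap is active.
# Globals: WORK_DIR (read)
function CREATE_SWAP() {
  cat > "${WORK_DIR}/swap.sh" <<'EOF'
#!/usr/bin/env bash
if [ ! "$(swapon -s | grep -v Filename)" ];then
  SWAPFILE="/SwapFile"
  if [ -f "${SWAPFILE}" ];then
    swapoff -a
    rm ${SWAPFILE}
  fi
  dd if=/dev/zero of=${SWAPFILE} bs=1M count=1024
  chmod 600 ${SWAPFILE}
  mkswap ${SWAPFILE}
  swapon ${SWAPFILE}
fi
EOF

  cat > "${WORK_DIR}/swappiness.sh" <<'EOF'
#!/usr/bin/env bash
SWAPPINESS=$(sysctl -a | grep vm.swappiness | awk -F' = ' '{print $2}')
if [ "${SWAPPINESS}" != 60 ];then
  sysctl vm.swappiness=60
fi
EOF

  if [ -z "$(swapon -s | grep -v Filename)" ]; then
    chmod +x "${WORK_DIR}/swap.sh"
    chmod +x "${WORK_DIR}/swappiness.sh"
    "${WORK_DIR}/swap.sh" && "${WORK_DIR}/swappiness.sh"
  fi
}

CREATE_SWAP
install_apt_packages

# NOTE: this file holds the RabbitMQ and web UI passwords in clear text, and
# enable_non_ssl leaves Chef Server reachable over plain HTTP on port 4080.
# NOTE(review): consider restricting the file to root once you have confirmed
# nothing but chef-server-ctl needs to read it.
mkdir -p /etc/chef-server
cat > /etc/chef-server/chef-server.rb <<EOF
erchef["s3_url_ttl"] = 3600
nginx["ssl_port"] = 4000
nginx["non_ssl_port"] = 4080
nginx["enable_non_ssl"] = true
rabbitmq["enable"] = false
rabbitmq["password"] = "${RMQ_PW}"
rabbitmq["vip"] = "${RMQ_IP}"
rabbitmq['node_ip_address'] = "${RMQ_IP}"
chef_server_webui["web_ui_admin_default_password"] = "${CHEF_WEBUI_PW}"
bookshelf["url"] = "https://#{node['ipaddress']}:4000"
EOF

chef-server-ctl reconfigure

# NOTE: rp_filter=0 turns off reverse-path filtering (an anti-spoofing check)
# on every interface and ip_forward=1 makes this host route packets. Each run
# appends the settings to /etc/sysctl.conf again.
sysctl net.ipv4.conf.default.rp_filter=0 | tee -a /etc/sysctl.conf
sysctl net.ipv4.conf.all.rp_filter=0 | tee -a /etc/sysctl.conf
sysctl net.ipv4.ip_forward=1 | tee -a /etc/sysctl.conf

# Install the Chef client. The installer is fetched over HTTPS into the private
# work directory and only run once the download has succeeded; piping a plain
# HTTP download straight into a root shell would execute whatever an on-path
# attacker (or a truncated transfer) delivered.
wget -O "${WORK_DIR}/chef_install.sh" https://www.opscode.com/chef/install.sh
bash "${WORK_DIR}/chef_install.sh"

SYS_IP=$(ohai ipaddress | awk '/^ / {gsub(/ *\"/, ""); print; exit}')
export CHEF_SERVER_URL="https://${SYS_IP}:4000"

# Configure Knife
mkdir -p /root/.chef
cat > /root/.chef/knife.rb <<EOF
log_level                :info
log_location             STDOUT
node_name                'admin'
client_key               '/etc/chef-server/admin.pem'
validation_client_name   'chef-validator'
validation_key           '/etc/chef-server/chef-validator.pem'
chef_server_url          "https://${SYS_IP}:4000"
cache_options( :path => '/root/.chef/checksums' )
cookbook_path            [ '/opt/chef-cookbooks/cookbooks' ]
EOF

mkdir -p /opt/

if [ -d "/opt/chef-cookbooks" ]; then
  rm -rf /opt/chef-cookbooks
fi

git clone https://github.com/rcbops/chef-cookbooks.git /opt/chef-cookbooks
pushd /opt/chef-cookbooks
git checkout "${COOKBOOK_VERSION}"
git submodule init
git submodule sync
git submodule update

# Get add-on Cookbooks
knife cookbook site download -f "${WORK_DIR}/cron.tar.gz" cron 1.2.6
tar xf "${WORK_DIR}/cron.tar.gz" -C /opt/chef-cookbooks/cookbooks

knife cookbook site download -f "${WORK_DIR}/chef-client.tar.gz" chef-client 3.0.6
tar xf "${WORK_DIR}/chef-client.tar.gz" -C /opt/chef-cookbooks/cookbooks

# Upload all of the RCBOPS Cookbooks
knife cookbook upload -o /opt/chef-cookbooks/cookbooks -a
popd

# Save the erlang cookie
# NOTE: the cookie is the only credential between clustered RabbitMQ nodes.
# The fixed fallback is a published string; export ERLANG_COOKIE with a random
# value if the cookie file does not exist yet on this host.
if [ -f "/var/lib/rabbitmq/.erlang.cookie" ]; then
  ERLANG_COOKIE="$(cat /var/lib/rabbitmq/.erlang.cookie)"
else
  ERLANG_COOKIE="${ERLANG_COOKIE:-ANYSTRINGWILLDOJUSTFINE}"
fi

# DROP THE BASE ENVIRONMENT FILE
# The file carries the erlang cookie and the keystone passwords, so it is
# created root-only before anything is written to it.
# Settings worth reviewing before use: nova.libvirt.vncserver_listen is
# 0.0.0.0 (VNC consoles listen on every interface), mysql.allow_remote_root is
# true, and keystone.pki.enabled is false.
: > /opt/base.env.json
chmod 600 /opt/base.env.json
cat > /opt/base.env.json <<EOF
{
  "name": "RCBOPS_Openstack_Environment",
  "description": "Environment for Openstack Private Cloud",
  "cookbook_versions": {
  },
  "json_class": "Chef::Environment",
  "chef_type": "environment",
  "default_attributes": {
  },
  "override_attributes": {
    "monitoring": {
      "procmon_provider": "monit",
      "metric_provider": "collectd"
    },
    "enable_monit": true,
    "osops_networks": {
      "management": "${VIP_PREFIX}.0/24",
      "swift": "${VIP_PREFIX}.0/24",
      "public": "${VIP_PREFIX}.0/24",
      "nova": "${VIP_PREFIX}.0/24"
    },
    "rabbitmq": {
      "cluster": true,
      "erlang_cookie": "${ERLANG_COOKIE}"
    },
    "nova": {
      "config": {
        "use_single_default_gateway": false,
        "ram_allocation_ratio": 1.0,
        "disk_allocation_ratio": 1.0,
        "cpu_allocation_ratio": 2.0,
        "resume_guests_state_on_host_boot": false
      },
      "network": {
        "provider": "neutron"
      },
      "scheduler": {
        "default_filters": [
          "AvailabilityZoneFilter",
          "ComputeFilter",
          "RetryFilter"
        ]
      },
      "libvirt": {
        "vncserver_listen": "0.0.0.0",
        "virt_type": "qemu"
      }
    },
    "keystone": {
      "pki": {
        "enabled": false
      },
      "admin_user": "admin",
      "tenants": [
        "service",
        "admin",
        "demo",
        "demo2"
      ],
      "users": {
        "admin": {
          "password": "${KEYSTONE_PW}",
          "roles": {
            "admin": [
              "admin"
            ]
          }
        },
        "demo": {
          "password": "${KEYSTONE_PW}",
          "default_tenant": "demo",
          "roles": {
            "Member": [
              "demo2",
              "demo"
            ]
          }
        },
        "demo2": {
          "password": "${KEYSTONE_PW}",
          "default_tenant": "demo2",
          "roles": {
            "Member": [
              "demo2",
              "demo"
            ]
          }
        }
      }
    },
    "neutron": {
      "ovs": {
        "network_type": "gre",
        "provider_networks": [
          {
            "bridge": "br-eth2",
            "vlans": "1024:1024",
            "label": "ph-eth2"
          }
        ]
      }
    },
    "mysql": {
      "tunable": {
        "log_queries_not_using_index": false
      },
      "allow_remote_root": true,
      "root_network_acl": "127.0.0.1"
    },
    "vips": {
      "horizon-dash": "${VIP_PREFIX}.156",
      "keystone-service-api": "${VIP_PREFIX}.156",
      "nova-xvpvnc-proxy": "${VIP_PREFIX}.156",
      "nova-api": "${VIP_PREFIX}.156",
      "cinder-api": "${VIP_PREFIX}.156",
      "nova-ec2-public": "${VIP_PREFIX}.156",
      "config": {
        "${VIP_PREFIX}.156": {
          "vrid": 12,
          "network": "public"
        },
        "${VIP_PREFIX}.154": {
          "vrid": 10,
          "network": "public"
        },
        "${VIP_PREFIX}.155": {
          "vrid": 11,
          "network": "public"
        }
      },
      "rabbitmq-queue": "${VIP_PREFIX}.155",
      "nova-novnc-proxy": "${VIP_PREFIX}.156",
      "mysql-db": "${VIP_PREFIX}.154",
      "glance-api": "${VIP_PREFIX}.156",
      "keystone-internal-api": "${VIP_PREFIX}.156",
      "horizon-dash_ssl": "${VIP_PREFIX}.156",
      "glance-registry": "${VIP_PREFIX}.156",
      "neutron-api": "${VIP_PREFIX}.156",
      "ceilometer-api": "${VIP_PREFIX}.156",
      "ceilometer-central-agent": "${VIP_PREFIX}.156",
      "heat-api": "${VIP_PREFIX}.156",
      "heat-api-cfn": "${VIP_PREFIX}.156",
      "heat-api-cloudwatch": "${VIP_PREFIX}.156",
      "keystone-admin-api": "${VIP_PREFIX}.156"
    },
    "glance": {
      "images": [
      ],
      "image": {
      },
      "image_upload": false
    },
    "osops": {
      "do_package_upgrades": false,
      "apply_patches": false
    },
    "developer_mode": false
  }
}
EOF

# Upload all of the RCBOPS Roles
knife role from file /opt/chef-cookbooks/roles/*.rb
knife environment from file /opt/base.env.json

# Build all the things
# The run lists are quoted: role[...] is a glob pattern to the shell and would
# be rewritten if a matching file name happened to exist in the working directory.
knife bootstrap -E RCBOPS_Openstack_Environment \
  -r 'role[ha-controller1],role[single-network-node]' "${CONTROLLER1}"
knife bootstrap -E RCBOPS_Openstack_Environment \
  -r 'role[ha-controller2],role[single-network-node]' "${CONTROLLER2}"

# COMPUTE_NODES is a space separated list and is split on purpose.
# shellcheck disable=SC2086
for node in ${COMPUTE_NODES}; do
  knife bootstrap -E RCBOPS_Openstack_Environment -r 'role[single-compute]' "${node}"
done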