Creating openstack zone archive
zonecfg -z openstack_install create # or for kernel zone zonecfg -z openstack_kz create -t SYSsolaris-kz zoneadm -z openstack_install install zoneadm -z openstack_install boot
Prepare the zone for uploading to Glance by first creating SSH authentication credentials to enable root SSH for OpenStack root login access
Enable root ssh with key
root@zone-name# sed /^PermitRootLogin/s/no$/without-password/ < /etc/ssh/sshd_config > /system/volatile/sed.$$ root@zone-name# cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig root@zone-name# cp /system/volatile/sed.$$ /etc/ssh/sshd_config archiveadm create -z openstack_install /zones/openstack-ngz.uar
How to use cinder with ZFS appliance iSCSI
Configure iSCSI to each compute node
svcadm enable nas1a Get the zfs appliance Initiator and ip address iscsiadm add static-config iqn.1986-03.com.sun:02:76f57f55-433a-e28e-baa0-9dba77d35bd4,10.10.10.50 # Add to zfs appliance, under AddInitiators # Get the host initiator iscsiadm list initiator-node |grep "Initiator node name" iscsiadm list initiator-node
Add a volume type with the name zfssa-2 in the Horizon under volumes
Note: the name should match the driver name
The config below is for using NAS/iSCSI only (local) is not enabled
... default_volume_type = zfssa-2 auth_strategy=keystone #enabled_backends = local_zfs,zfssa-2 enabled_backends = zfssa-2 #san_is_local=true ... #zadara_vpsa_allow_nonexistent_delete=true [zfs_local] zfs_volume_base=zones/cinder volume_driver=cinder.volume.drivers.solaris.zfs.ZFSVolumeDriver volume_backend_name = zfs_local [zfssa-2] #iscsi_helper=tgtadm volume_backend_name = zfssa-2 volume_driver = cinder.volume.drivers.zfssa.zfssaiscsi.ZFSSAISCSIDriver san_ip = 10.10.10.10 san_login = zfs_cinder san_password = openstack zfssa_pool = HP-pool1 zfssa_project = openstack-hp zfssa_target_portal = 10.10.10.10:3260 zfssa_target_interfaces = vnic1 zfssa_initiator_group = os-init-grp #zfssa_initiator_group = default zfssa_target_group = os-tgt-gpt zfssa_lun_volblocksize = 8k zfssa_lun_compression = lzjb zfssa_lun_logbias = latency #zfssa_initiator = iqn.1986-03.com.sun:01:e00000000000.5644a63, iqn.1986.. zfssa_initiator = iqn.1986-03.com.sun:01:e00000000000.5644a693 zfssa_rest_timeout = 700
Restart all needed services like below
# Disable svcadm disable svc:/application/openstack/cinder/cinder-volume:default svc:/application/openstack/cinder/cinder-volume:setup svc:/application/openstack/cinder/cinder-scheduler:default svc:/application/openstack/cinder/cinder-api:default svcadm disable svc:/application/openstack/cinder/cinder-upgrade:default svcadm disable svc:/application/openstack/cinder/cinder-db:default # Enable svcadm enable svc:/application/openstack/cinder/cinder-upgrade:default svcadm enable svc:/application/openstack/cinder/cinder-db:default svcadm enable svc:/application/openstack/cinder/cinder-api:default svc:/application/openstack/cinder/cinder-scheduler:default svc:/application/openstack/cinder/cinder-volume:default svc:/application/openstack/cinder/cinder-volume:setup
To verify all volume groups
cinder-manage service list
To configure heat
Add to heat-keystone-setup on top
export OS_SERVICE_ENDPOINT=http://10.10.3.121 export SERVICE_HOST=10.10.3.121 export OS_AUTH_URL=http://os1:5000/v2.0 export OS_USERNAME=admin export OS_PASSWORD=password export OS_TENANT_NAME=devtech101 export SERVICE_PASSWORD=password
if the script keeps on failing
you might also need to unset the SERVICE_TOKEN
Expecting an endpoint provided via either --os-endpoint or env[OS_SERVICE_ENDPOINT]
unset OS_SERVICE_TOKEN
unset OS_SERVICE_ENDPOINT
# About line 284 add
unset SERVICE_TOKEN
Just run the below
/usr/demo/openstack/keystone/heat-keystone-setup
Modify /etc/heat/heat.conf
Create heat template
rabbit_host=10.10.3.121 rabbit_userid=admin rabbit_password=password [database] connection=mysql://heat:password@localhost/heat [keystone_authtoken] auth_uri=http://10.10.3.121:5000/v2.0/ identity_uri=http://10.10.3.121:35357/ admin_user=heat admin_password=password admin_tenant_name=service
/etc/heat/api-paste.ini
[filter:authtoken] paste.filter_factory = keystonemiddleware.auth_token:filter_factory auth_uri = http://10.10.3.121:5000/v2.0/ identity_uri = http://10.10.3.121:35357 admin_tenant_name = service admin_user = heat admin_password = password
Enable all the heat services
svcadm enable -rs heat-api heat-db heat-engine heat-api-cfn heat-api-cloudwatch
Then just create template
heat stack-create -f template mystack
# Sample template
heat_template_version: 2015-11-23
description: Create a a few networks.
resources:
heat_net1:
type:OS::Neutron::Net
properties:
name:heat_net1
heat_subnet1:
type:OS::Neutron::Subnet
properties:
name:heat_subnet1
network_id: { get_resource: heat_net1 }
cidr: 192.168.50.0/24
heat_net2:
type:OS::Neutron::Net
properties:
name: heat_net2
heat_subnet2:
type:OS::Neutron::Subnet
properties:
name:heat_subnet2
network_id: { get_resource: heat_net2 }
cidr: 192.168.51.0/24
heat_net3:
type:OS::Neutron::Net
properties:
name: heat_net3
heat_subnet3:
type:OS::Neutron::Subnet
properties:
name:heat_subnet3
network_id: { get_resource: heat_net3 }
cidr: 192.168.52.0/24
Ironic configuration
drop database if exists ironic; create database ironic; default character set utf8 default collate utf8_general_ci; grant all privileges on ironic.* to 'ironic'@'os1' identified by 'password'; grant all privileges on ironic.* to 'ironic'@'localhost' identified by 'password'; grant all privileges on ironic.* to 'ironic'@'%' identified by 'password';
Configure ironic user
su - ironic mkdir /var/lib/ironic/.ssh ssh-keygen -N '' -t rsa -f /var/lib/ironic/.ssh/id_rsa cat /var/lib/ironic/.ssh/id_rsa.pub > /var/lib/ironic/.ssh/authorized_keys # If the AI server is on anther host, do on AI server mkdir /var/lib/ironic/.ssh scp ironic@AI-server:~/.ssh/id_rsa /var/lib/ironic/.ssh scp ironic@AI-server:~/.ssh/id_rsa.pub /var/lib/ironic/.ssh cat /var/lib/ironic/.ssh/id_rsa.pub > /var/lib/ironic/.ssh/authorized_keys ironic-localhost# chown -R ironic:ironic /var/lib/ironic/.ssh
/etc/ironic/ironic.conf
[DEFAULT] rabbit_host=10.10.3.121 rabbit_userid=admin rabbit_password=password my_ip=10.10.3.121 auth_strategy=keystone host=os1 [ai] server=10.10.3.121 username=ironic port=22 timeout=10 deploy_interval=30 ssh_key_file=/var/lib/ironic/.ssh/id_rsa host_ip=10.10.3.121 [api] port=6385 [conductor] api_url=http://10.10.3.121:6385/ heartbeat_interval=60 heartbeat_timeout=60 sync_power_state_interval=300 check_provision_state_interval=120 [database] connection= mysql://ironic:password@10.10.3.121/ironic [glance] glance_host=10.10.3.121 glance_api_servers=10.10.3.121:9292 auth_strategy=keystone auth_uri=http://10.10.3.121:5000/v2.0/ identity_uri=http://10.10.3.121:35357/ admin_user=ironic admin_password=password admin_tenant_name=service signing_dir=/var/lib/ironic/keystone-signing [solaris_ipmi] imagecache_dirname=/var/lib/ironic/images imagecache_lock_timeout=60
Now start the services
svcadm enable ironic-db svcadm enable ironic-api ironic-conductor
change the /usr/demo/openstack/keystone/ironic-keystone-setup.sh file like below
IRONIC_PASSWORD=${IRONIC_PASSWORD:-${SERVICE_PASSWORD:-password}}
CONTROLLER_PUBLIC_ADDRESS=${CONTROLLER_PUBLIC_ADDRESS:-10.10.3.121}
CONTROLLER_ADMIN_ADDRESS=${CONTROLLER_ADMIN_ADDRESS:-10.10.3.121}
CONTROLLER_INTERNAL_ADDRESS=${CONTROLLER_INTERNAL_ADDRESS:-10.10.3.121}
IRONIC_PUBLIC_ADDRESS=${IRONIC_PUBLIC_ADDRESS:-$CONTROLLER_PUBLIC_ADDRESS}
IRONIC_ADMIN_ADDRESS=${IRONIC_ADMIN_ADDRESS:-$CONTROLLER_ADMIN_ADDRESS}
IRONIC_INTERNAL_ADDRESS=${IRONIC_INTERNAL_ADDRESS:-$CONTROLLER_INTERNAL_ADDRESS}
export OS_AUTH_URL="http://10.10.3.121:5000/v2.0"
export OS_USERNAME="admin"
export OS_PASSWORD="password"
export OS_TENANT_NAME="service"
Run as keystone
su - keystone /usr/demo/openstack/keystone/ironic-keystone-setup.sh # Note: I manual assigned the user to the service group, check in horizon to make sure ironic user is correct
Verify ironic user works
su - ironic ironic driver-list +---------------------+----------------+ | Supported driver(s) | Active host(s) | +---------------------+----------------+ | solaris | os1 | +---------------------+----------------+
Bare Metal Deployment With Ironic
first configure AI server
# Configure full address block installadm set-server -l 10.10.104.0/21 Changed Server Refreshing SMF service svc:/system/install/server:default # To configure address and count installadm set-server -i 10.10.111.50 -c 10 Warning: AI server will now manage DHCP Changed Server Enabling SMF service svc:/network/dhcp/server:ipv4 # Note the conf file is /etc/inet/dhcpd4.conf, refresh SMF for change
Note: if multihome ip address, set hostmodel
Create DHCP service for x86 clients
installadm create-service -a i386 -n s11i386 -y 0% : Service svc:/network/dns/multicast:default is not online. Installation services will not be advertised via multicast DNS. 0% : Creating service from: pkg:/install-image/solaris-auto-install 0% : Using publisher(s): 0% : solaris: http://10.10.10.11:11000/solaris/ 5% : Refreshing Publisher(s) 15% : Planning Phase [..] snip 100% : Enabling SMF service svc:/network/tftp/udp6:default 100% : Warning: mDNS registry of service 's11i386' could not be verified. 100% : Warning: mDNS registry of service 'default-i386' could not be verified. installadm list Service Name Status Arch Type Secure Alias Aliases Clients Profiles Manifests ------------ ------ ---- ---- ------ ----- ------- ------- -------- --------- default-i386 on i386 pkg no yes 0 0 0 1 s11i386 on i386 pkg no no 1 0 0 1 # Create DHCP service for SPARC clients installadm create-service -a sparc -n s11sparc -y installadm list Service Name Status Arch Type Secure Alias Aliases Clients Profiles Manifests ------------ ------ ---- ---- ------ ----- ------- ------- -------- --------- default-sparc on sparc pkg no yes 0 0 0 1 s11sparc on sparc pkg no no 1 0 0 1
export default manifest
installadm export -n s11i386 -m orig_default > /tmp/orig_default.xml vi orig_default # Add auto_reboot# Add ovn driver # Remove the first junk line of the file # Do the same for ironic-x86 installadm list Service Name Status Arch Type Secure Alias Aliases Clients Profiles Manifests ------------ ------ ---- ---- ------ ----- ------- ------- -------- --------- default-i386 on i386 pkg no yes 0 0 0 1 ironic-x86 on i386 pkg no no 0 0 0 1 s11i386 on i386 pkg no no 1 0 0 1 pkg:/entire@0.5.11-0.175.3 pkg:/group/system/solaris-large-server solaris-desktop pkg:/system/io/infiniband/ovn-virtual-io
import the file after modified
installadm update-manifest -m orig_default -n s11i386 -f /tmp/orig_default.xml Changed Manifest: 'orig_default' # and installadm update-manifest -m orig_default -n ironic-x86 -f /tmp/orig_default.xml
Source: http://blog.fabiomorais.com.br/2014/02/how-to-create-basic-automated-installer.html
To complete ironic you can use a UAR image or IPS
export ILOM_IP=10.10.10.187 export ILOM_USER=root export ILOM_PASS=changeme export HOST_MAC=00:10:e0:6f:78:f6 ironic node-create -d solaris -i ipmi_address=$ILOM_IP -i ipmi_username=$ILOM_USER -i ipmi_password=$ILOM_PASS # Get NODE ID replace below export NODE=1348a64a-c126-4a12-b525-fdd68ebde66d # Use UAR ironic node-update $NODE add driver_info/archive_uri=http://10.10.10.187/sol11-3-x86.uar # OR ironic node-update $NODE add driver_info/ai_service=ironic-x86 ironic port-create -n $NODE -a $HOST_MAC ironic node-validate $NODE ironic node-set-provision-state $NODE active ironic node-show $NODE ironic node-show 1348a64a-c126-4a12-b525-fdd68ebde66d