Bring up the Control Plane
Bringing up only the control plane
Controller node Configuration
Verify Requirements
Check disk space
Here, we see that there is more than 20GB free in the root file system.
Check Available memory
We see that total memory is more than 8G.
Check and configure networking for the Public API
Identify which network interface(s) you plan to use for the public API and ssh. We will refer to this as kolla_external_vip_interface
For this example, we've made the following assumptions, but you will need to customize to your own values.
kolla_external_vip_interface
:eth_public_api
interface ip address:
192.5.87.10/23
kolla_external_vip_address
:192.5.87.254
system hostname:
dev01
Here, we have chosen an interface named
eth_public_api
to act as thekolla_external_vip_interface
We see that it has an address configured, and that kolla_external_vip_address
is not present. This is correct, as keepalived
will manage the VIP address.
Check and configure networking for the Internal/Admin API
Identify which network interface(s) you plan to use for the Admin/Internal API. We will refer to this as network_interface
For this example, we've made the following assumptions, but you will need to customize to your own values.
network_interface
:eth_internal_api
interface ip address:
10.20.111.10/23
kolla_internal_vip_address
:10.20.111.254
system hostname:
dev01
Here, we have chosen an interface named
eth_internal_api
to act as thekolla_internal_vip_address
We see that it has an address configured, and that kolla_internal_vip_address
is not present. This is correct, as keepalived
will manage the VIP address.
Check and configure the system hostname
It's important that the system hostname resolves to the interface IP addresses, not to one of the VIPs
Note that the system hostname should not point to the kolla_internal_vip_address
If it does not resolve to the interface IP, this will be fixed during bootstrap later.
Set up Linux users and permissions
We need somewhere to run the tools, and an account to run them as. We recommend not using the root
account to do so. Ensure you have a non-root user account, with paswordless sudo configured. We will refer to this account as deploy-user
, and their group as deploy-group
. Replace these with your own values.
Ensure permissions and groups
Log out and back in to refresh group membership, then verify.
Set directory permissions
For this example, we'll be putting files into /opt/
, so we need to ensure that it can be read and written by members of deploy-group
Install Dependencies
Now we need to install some dependencies, then check out and set up chi-in-a-box
Site Configuration
Clone and initialize chi-in-a-box. This assumes that we're using the /opt
directory that was set up in the last section.
Setting up the ansible hosts file
You'll need to configure a few lines in the file /opt/site-config/inventory/hosts
, to tell cc-ansible which services to install where. Here, each of the control
,network
,monitoring
,and storage
groups get one entry, dev01
, the hostname of your controller node. You don't need to modify the rest of the file.
Create a minimal `defaults.yml`
In your site config directory, /opt/site-config
, you now have a file called defaults.yml
For a minimal deployment, you only need the following lines uncommented. The values are from the prior section.
If you are using a separate deploy
host from your controller
, then you'll need to put the _interface
lines into a separate file instead, /opt/site-config/inventory/host_vars/<hostname>
, where hostname
is dev01
in this example.
Bootstrap Servers
Run cc-ansible --site /opt/site-config/ bootstrap-servers
This will install docker, configure /etc/hosts, and generally configure the system to run the rest of the installation.
Afterwards, you should see that /etc/hosts
contains an entry for your hostname, mapping it to the interface address. Note that this is NOT the haproxy VIP!
Run Pre-checks
Run cc-ansible --site /opt/site-config/ prechecks
This will warn you about missing configuration, and other common errors.
Downloading Containers
Add our registry password
Run ./cc-ansible --site /opt/site-config edit_passwords
Your default editor will open, and you'll see the following. Ensure that docker_registry_password
is configured as follows.
The passwords file will be re-encrypted when you exit the editor.
After configuring this password, pull the containers!
Pull Container images
Run ./cc-ansible --site /opt/site-config pull
Deploy!
You're now ready to run the deploy! This will bring up basic control plane services, listening on the IP addresses you configured above.
Run ./cc-ansible --site /opt/site-config deploy
Access your site
After deploy completes, you'll be able to access the horizon webui at http://<kolla_external_vip_address>
The username is admin
, and the password can be found by running cc-ansible --site /opt/site-config view_passwords | grep keystone_admin_password
The next steps will set up easy API access, and create default networks, flavors, and images using the API.
There's not too much useful we can do until we enable some kind of compute service, and tenant network support, so those will come in the next steps.
Last updated