#!/usr/bin/env bash # shellcheck disable=SC2124,SC2145,SC2294,SC2086,SC2087,SC2155 set -o pipefail set -e SECONDS=0 if [ -z "${ACME_EMAIL}" ]; then read -rp "Enter a valid email address for use with ACME, press enter to skip: " ACME_EMAIL export ACME_EMAIL="${ACME_EMAIL:-}" fi if [ -z "${GATEWAY_DOMAIN}" ]; then echo "The domain name for the gateway is required, if you do not have a domain name press enter to use the default" read -rp "Enter the domain name for the gateway [cluster.local]: " GATEWAY_DOMAIN export GATEWAY_DOMAIN="${GATEWAY_DOMAIN:-cluster.local}" fi if [ -z "${OS_CLOUD}" ]; then read -rp "Enter name of the cloud configuration used for this build [default]: " OS_CLOUD export OS_CLOUD="${OS_CLOUD:-default}" fi if [ -z "${OS_FLAVOR}" ]; then # List compatible flavors FLAVORS=$(openstack flavor list --min-ram 16000 --min-disk 100 --sort-column Name -c Name -c RAM -c Disk -c VCPUs -f json) DEFAULT_OS_FLAVOR=$(echo "${FLAVORS}" | jq -r '[.[] | select( all(.RAM; . < 24576) )] | .[0].Name') echo "The following flavors are available for use with this build" echo "${FLAVORS}" | jq -r '["Name", "RAM", "Disk", "VCPUs"], (.[] | [.Name, .RAM, .Disk, .VCPUs]) | @tsv' | column -t read -rp "Enter name of the flavor to use for the instances [${DEFAULT_OS_FLAVOR}]: " OS_FLAVOR export OS_FLAVOR=${OS_FLAVOR:-${DEFAULT_OS_FLAVOR}} fi # Set the default image and ssh username export OS_IMAGE="${OS_IMAGE:-Ubuntu 24.04}" if [ -z "${SSH_USERNAME}" ]; then if ! IMAGE_DEFAULT_PROPERTY=$(openstack image show "${OS_IMAGE}" -f json -c properties); then read -rp "Image not found. Enter the image name: " OS_IMAGE IMAGE_DEFAULT_PROPERTY=$(openstack image show "${OS_IMAGE}" -f json -c properties) fi if [ "${IMAGE_DEFAULT_PROPERTY}" ]; then if SSH_USERNAME=$(echo "${IMAGE_DEFAULT_PROPERTY}" | jq -r '.properties.default_user'); then echo "Discovered the default username for the image ${OS_IMAGE} as ${SSH_USERNAME}" fi fi if [ -z "${SSH_USERNAME}" ] || [ "${SSH_USERNAME}" = "null" ]; then echo "The image ${OS_IMAGE} does not have a default user property, please enter the default username" read -rp "Enter the default username for the image: " SSH_USERNAME fi fi export LAB_NAME_PREFIX="${LAB_NAME_PREFIX:-hyperconverged}" if ! openstack router show ${LAB_NAME_PREFIX}-router 2> /dev/null; then openstack router create ${LAB_NAME_PREFIX}-router --external-gateway PUBLICNET fi if ! openstack network show ${LAB_NAME_PREFIX}-net 2> /dev/null; then openstack network create ${LAB_NAME_PREFIX}-net fi if ! TENANT_SUB_NETWORK_ID=$(openstack subnet show ${LAB_NAME_PREFIX}-subnet -f json 2> /dev/null | jq -r '.id'); then echo "Creating the ${LAB_NAME_PREFIX}-subnet" TENANT_SUB_NETWORK_ID=$( openstack subnet create ${LAB_NAME_PREFIX}-subnet \ --network ${LAB_NAME_PREFIX}-net \ --subnet-range 192.168.100.0/24 \ --dns-nameserver 1.1.1.1 \ --dns-nameserver 1.0.0.1 \ -f json | jq -r '.id' ) fi if ! openstack router show ${LAB_NAME_PREFIX}-router -f json 2> /dev/null | jq -r '.interfaces_info.[].subnet_id' | grep -q ${TENANT_SUB_NETWORK_ID}; then openstack router add subnet ${LAB_NAME_PREFIX}-router ${LAB_NAME_PREFIX}-subnet fi if ! openstack network show ${LAB_NAME_PREFIX}-compute-net 2> /dev/null; then openstack network create ${LAB_NAME_PREFIX}-compute-net \ --disable-port-security fi if ! TENANT_COMPUTE_SUB_NETWORK_ID=$(openstack subnet show ${LAB_NAME_PREFIX}-compute-subnet -f json 2> /dev/null | jq -r '.id'); then echo "Creating the ${LAB_NAME_PREFIX}-compute-subnet" TENANT_COMPUTE_SUB_NETWORK_ID=$( openstack subnet create ${LAB_NAME_PREFIX}-compute-subnet \ --network ${LAB_NAME_PREFIX}-compute-net \ --subnet-range 192.168.102.0/24 \ --no-dhcp -f json | jq -r '.id' ) fi if ! openstack router show ${LAB_NAME_PREFIX}-router -f json | jq -r '.interfaces_info.[].subnet_id' | grep -q ${TENANT_COMPUTE_SUB_NETWORK_ID} 2> /dev/null; then openstack router add subnet ${LAB_NAME_PREFIX}-router ${LAB_NAME_PREFIX}-compute-subnet fi if ! openstack security group show ${LAB_NAME_PREFIX}-http-secgroup 2> /dev/null; then openstack security group create ${LAB_NAME_PREFIX}-http-secgroup fi if ! openstack security group show ${LAB_NAME_PREFIX}-http-secgroup -f json 2> /dev/null | jq -r '.rules.[].port_range_max' | grep -q 443; then openstack security group rule create ${LAB_NAME_PREFIX}-http-secgroup \ --protocol tcp \ --ingress \ --remote-ip 0.0.0.0/0 \ --dst-port 443 \ --description "https" fi if ! openstack security group show ${LAB_NAME_PREFIX}-http-secgroup -f json 2> /dev/null | jq -r '.rules.[].port_range_max' | grep -q 80; then openstack security group rule create ${LAB_NAME_PREFIX}-http-secgroup \ --protocol tcp \ --ingress \ --remote-ip 0.0.0.0/0 \ --dst-port 80 \ --description "http" fi if ! openstack security group show ${LAB_NAME_PREFIX}-secgroup 2> /dev/null; then openstack security group create ${LAB_NAME_PREFIX}-secgroup fi if ! openstack security group show ${LAB_NAME_PREFIX}-secgroup -f json 2> /dev/null | jq -r '.rules.[].description' | grep -q "all internal traffic"; then openstack security group rule create ${LAB_NAME_PREFIX}-secgroup \ --protocol any \ --ingress \ --remote-ip 192.168.100.0/24 \ --description "all internal traffic" fi if ! openstack security group show ${LAB_NAME_PREFIX}-jump-secgroup 2> /dev/null; then openstack security group create ${LAB_NAME_PREFIX}-jump-secgroup fi if ! openstack security group show ${LAB_NAME_PREFIX}-jump-secgroup -f json 2> /dev/null | jq -r '.rules.[].port_range_max' | grep -q 22; then openstack security group rule create ${LAB_NAME_PREFIX}-jump-secgroup \ --protocol tcp \ --ingress \ --remote-ip 0.0.0.0/0 \ --dst-port 22 \ --description "ssh" fi if ! openstack security group show ${LAB_NAME_PREFIX}-jump-secgroup -f json 2> /dev/null | jq -r '.rules.[].protocol' | grep -q icmp; then openstack security group rule create ${LAB_NAME_PREFIX}-jump-secgroup \ --protocol icmp \ --ingress \ --remote-ip 0.0.0.0/0 \ --description "ping" fi if ! METAL_LB_IP=$(openstack port show ${LAB_NAME_PREFIX}-metallb-vip-0-port -f json 2> /dev/null | jq -r '.fixed_ips[0].ip_address'); then echo "Creating the MetalLB VIP port" METAL_LB_IP=$(openstack port create --security-group ${LAB_NAME_PREFIX}-http-secgroup --network ${LAB_NAME_PREFIX}-net ${LAB_NAME_PREFIX}-metallb-vip-0-port -f json | jq -r '.fixed_ips[0].ip_address') fi METAL_LB_PORT_ID=$(openstack port show ${LAB_NAME_PREFIX}-metallb-vip-0-port -f value -c id) if ! METAL_LB_VIP=$(openstack floating ip list --port ${METAL_LB_PORT_ID} -f json 2> /dev/null | jq -r '.[]."Floating IP Address"'); then echo "Creating the MetalLB VIP floating IP" METAL_LB_VIP=$(openstack floating ip create PUBLICNET --port ${METAL_LB_PORT_ID} -f json | jq -r '.floating_ip_address') elif [ -z "${METAL_LB_VIP}" ]; then METAL_LB_VIP=$(openstack floating ip create PUBLICNET --port ${METAL_LB_PORT_ID} -f json | jq -r '.floating_ip_address') fi if ! WORKER_0_PORT=$(openstack port show ${LAB_NAME_PREFIX}-0-mgmt-port -f value -c id 2> /dev/null); then export WORKER_0_PORT=$( openstack port create --allowed-address ip-address=${METAL_LB_IP} \ --security-group ${LAB_NAME_PREFIX}-secgroup \ --security-group ${LAB_NAME_PREFIX}-jump-secgroup \ --security-group ${LAB_NAME_PREFIX}-http-secgroup \ --network ${LAB_NAME_PREFIX}-net \ -f value \ -c id \ ${LAB_NAME_PREFIX}-0-mgmt-port ) fi if ! WORKER_1_PORT=$(openstack port show ${LAB_NAME_PREFIX}-1-mgmt-port -f value -c id 2> /dev/null); then export WORKER_1_PORT=$( openstack port create --allowed-address ip-address=${METAL_LB_IP} \ --security-group ${LAB_NAME_PREFIX}-secgroup \ --security-group ${LAB_NAME_PREFIX}-http-secgroup \ --network ${LAB_NAME_PREFIX}-net \ -f value \ -c id \ ${LAB_NAME_PREFIX}-1-mgmt-port ) fi if ! WORKER_2_PORT=$(openstack port show ${LAB_NAME_PREFIX}-2-mgmt-port -f value -c id 2> /dev/null); then export WORKER_2_PORT=$( openstack port create --allowed-address ip-address=${METAL_LB_IP} \ --security-group ${LAB_NAME_PREFIX}-secgroup \ --security-group ${LAB_NAME_PREFIX}-http-secgroup \ --network ${LAB_NAME_PREFIX}-net \ -f value \ -c id \ ${LAB_NAME_PREFIX}-2-mgmt-port ) fi if ! JUMP_HOST_VIP=$(openstack floating ip list --port ${WORKER_0_PORT} -f json 2> /dev/null | jq -r '.[]."Floating IP Address"'); then JUMP_HOST_VIP=$(openstack floating ip create PUBLICNET --port ${WORKER_0_PORT} -f json | jq -r '.floating_ip_address') elif [ -z "${JUMP_HOST_VIP}" ]; then JUMP_HOST_VIP=$(openstack floating ip create PUBLICNET --port ${WORKER_0_PORT} -f json | jq -r '.floating_ip_address') fi echo "Creating pre-defined compute ports for the flat test network" for i in {100..109}; do if ! openstack port show ${LAB_NAME_PREFIX}-0-compute-float-${i}-port 2> /dev/null; then openstack port create --network ${LAB_NAME_PREFIX}-compute-net \ --disable-port-security \ --fixed-ip ip-address="192.168.102.${i}" \ ${LAB_NAME_PREFIX}-0-compute-float-${i}-port fi done if ! COMPUTE_0_PORT=$(openstack port show ${LAB_NAME_PREFIX}-0-compute-port -f value -c id 2> /dev/null); then export COMPUTE_0_PORT=$( openstack port create --network ${LAB_NAME_PREFIX}-compute-net \ --no-fixed-ip \ --disable-port-security \ -f value \ -c id \ ${LAB_NAME_PREFIX}-0-compute-port ) fi if ! COMPUTE_1_PORT=$(openstack port show ${LAB_NAME_PREFIX}-1-compute-port -f value -c id 2> /dev/null); then export COMPUTE_1_PORT=$( openstack port create --network ${LAB_NAME_PREFIX}-compute-net \ --no-fixed-ip \ --disable-port-security \ -f value \ -c id \ ${LAB_NAME_PREFIX}-1-compute-port ) fi if ! COMPUTE_2_PORT=$(openstack port show ${LAB_NAME_PREFIX}-2-compute-port -f value -c id 2> /dev/null); then export COMPUTE_2_PORT=$( openstack port create --network ${LAB_NAME_PREFIX}-compute-net \ --no-fixed-ip \ --disable-port-security \ -f value \ -c id \ ${LAB_NAME_PREFIX}-2-compute-port ) fi if ! openstack keypair show ${LAB_NAME_PREFIX}-key 2> /dev/null; then if [ ! -f ~/.ssh/${LAB_NAME_PREFIX}-key.pem ]; then openstack keypair create ${LAB_NAME_PREFIX}-key > ~/.ssh/${LAB_NAME_PREFIX}-key.pem chmod 600 ~/.ssh/${LAB_NAME_PREFIX}-key.pem openstack keypair show ${LAB_NAME_PREFIX}-key --public-key > ~/.ssh/${LAB_NAME_PREFIX}-key.pub else if [ -f ~/.ssh/${LAB_NAME_PREFIX}-key.pub ]; then openstack keypair create ${LAB_NAME_PREFIX}-key --public-key ~/.ssh/${LAB_NAME_PREFIX}-key.pub fi fi fi ssh-add ~/.ssh/${LAB_NAME_PREFIX}-key.pem # Create the three lab instances if ! openstack server show ${LAB_NAME_PREFIX}-0 2> /dev/null; then openstack server create ${LAB_NAME_PREFIX}-0 \ --port ${WORKER_0_PORT} \ --port ${COMPUTE_0_PORT} \ --image "${OS_IMAGE}" \ --key-name ${LAB_NAME_PREFIX}-key \ --flavor ${OS_FLAVOR} fi if ! openstack server show ${LAB_NAME_PREFIX}-1 2> /dev/null; then openstack server create ${LAB_NAME_PREFIX}-1 \ --port ${WORKER_1_PORT} \ --port ${COMPUTE_1_PORT} \ --image "${OS_IMAGE}" \ --key-name ${LAB_NAME_PREFIX}-key \ --flavor ${OS_FLAVOR} fi if ! openstack server show ${LAB_NAME_PREFIX}-2 2> /dev/null; then openstack server create ${LAB_NAME_PREFIX}-2 \ --port ${WORKER_2_PORT} \ --port ${COMPUTE_2_PORT} \ --image "${OS_IMAGE}" \ --key-name ${LAB_NAME_PREFIX}-key \ --flavor ${OS_FLAVOR} fi echo "Waiting for the jump host to be ready" COUNT=0 while ! ssh -o ConnectTimeout=2 -o ConnectionAttempts=3 -o UserKnownHostsFile=/dev/null -q ${SSH_USERNAME}@${JUMP_HOST_VIP} exit; do sleep 2 echo "SSH is not ready, Trying again..." COUNT=$((COUNT+1)) if [ $COUNT -gt 30 ]; then echo "Failed to ssh into the jump host" exit 1 fi done # Run bootstrap if [ "${HYPERCONVERGED_DEV:-false}" = "true" ]; then export SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) if [ ! -d "${SCRIPT_DIR}" ]; then echo "HYPERCONVERGED_DEV is true, but we've failed to determine the base genestack directory" exit 1 fi ssh -o ForwardAgent=yes -o UserKnownHostsFile=/dev/null -t ${SSH_USERNAME}@${JUMP_HOST_VIP} \ "timeout 1m bash -c 'while ! sudo apt update; do sleep 2; done' && sudo apt install -y rsync git" echo "Copying the development source code to the jump host" rsync -az \ -e "ssh -o ForwardAgent=yes -o UserKnownHostsFile=/dev/null" \ --rsync-path="sudo rsync" \ $(readlink -fn ${SCRIPT_DIR}/../) ${SSH_USERNAME}@${JUMP_HOST_VIP}:/opt/ fi ssh -o ForwardAgent=yes -o UserKnownHostsFile=/dev/null -t ${SSH_USERNAME}@${JUMP_HOST_VIP} <<EOC set -e if ! command -v git &> /dev/null; then echo "git could not be found, installing..." sudo apt update && sudo apt install -y git fi if [ ! -d "/opt/genestack" ]; then sudo git clone --recurse-submodules -j4 https://github.com/rackerlabs/genestack /opt/genestack else sudo git config --global --add safe.directory /opt/genestack pushd /opt/genestack sudo git submodule update --init --recursive popd fi if [ ! -d "/etc/genestack" ]; then sudo /opt/genestack/bootstrap.sh sudo chown \${USER}:\${USER} -R /etc/genestack fi # We need to clobber the sample or else we get a bogus LB vip cat > /etc/genestack/manifests/metallb/metallb-openstack-service-lb.yml <<EOF --- apiVersion: metallb.io/v1beta1 kind: IPAddressPool metadata: name: gateway-api-external namespace: metallb-system spec: addresses: - ${METAL_LB_IP}/32 # This is assumed to be the public LB vip address autoAssign: false --- apiVersion: metallb.io/v1beta1 kind: L2Advertisement metadata: name: openstack-external-advertisement namespace: metallb-system spec: ipAddressPools: - gateway-api-external EOF if [ ! -f "/etc/genestack/inventory/inventory.yaml" ]; then cat > /etc/genestack/inventory/inventory.yaml <<EOF --- all: vars: cloud_name: "${LAB_NAME_PREFIX}-lab-0" ansible_python_interpreter: "/usr/bin/python3" ansible_ssh_common_args: "-o StrictHostKeyChecking=no" hosts: ${LAB_NAME_PREFIX}-0.${GATEWAY_DOMAIN}: ansible_host: $(openstack port show ${WORKER_0_PORT} -f json | jq -r '.fixed_ips[0].ip_address') ${LAB_NAME_PREFIX}-1.${GATEWAY_DOMAIN}: ansible_host: $(openstack port show ${WORKER_1_PORT} -f json | jq -r '.fixed_ips[0].ip_address') ${LAB_NAME_PREFIX}-2.${GATEWAY_DOMAIN}: ansible_host: $(openstack port show ${WORKER_2_PORT} -f json | jq -r '.fixed_ips[0].ip_address') children: k8s_cluster: vars: cluster_name: cluster.local kube_ovn_central_hosts: '{{ groups["ovn_network_nodes"] }}' kube_ovn_default_interface_name: br-mgmt kube_ovn_iface: br-mgmt children: broken_etcd: children: null broken_kube_control_plane: children: null # OpenStack Controllers openstack_control_plane: hosts: ${LAB_NAME_PREFIX}-0.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-1.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-2.${GATEWAY_DOMAIN}: null # Edge Nodes ovn_network_nodes: hosts: ${LAB_NAME_PREFIX}-0.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-1.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-2.${GATEWAY_DOMAIN}: null # Tenant Prod Nodes openstack_compute_nodes: vars: enable_iscsi: true custom_multipath: false hosts: ${LAB_NAME_PREFIX}-0.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-1.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-2.${GATEWAY_DOMAIN}: null # Block Nodes storage_nodes: vars: enable_iscsi: true custom_multipath: false children: cinder_storage_nodes: hosts: {} hosts: ${LAB_NAME_PREFIX}-0.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-1.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-2.${GATEWAY_DOMAIN}: null # ETCD Nodes etcd: hosts: ${LAB_NAME_PREFIX}-0.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-1.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-2.${GATEWAY_DOMAIN}: null # Kubernetes Nodes kube_control_plane: hosts: ${LAB_NAME_PREFIX}-0.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-1.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-2.${GATEWAY_DOMAIN}: null kube_node: hosts: ${LAB_NAME_PREFIX}-0.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-1.${GATEWAY_DOMAIN}: null ${LAB_NAME_PREFIX}-2.${GATEWAY_DOMAIN}: null EOF fi if [ ! -f "/etc/genestack/helm-configs/barbican/barbican-helm-overrides.yaml" ]; then cat > /etc/genestack/helm-configs/barbican/barbican-helm-overrides.yaml <<EOF --- conf: barbican_api_uwsgi: uwsgi: processes: 1 barbican: oslo_messaging_notifications: driver: noop EOF fi if [ ! -f "/etc/genestack/helm-configs/cinder/cinder-helm-overrides.yaml" ]; then cat > /etc/genestack/helm-configs/cinder/cinder-helm-overrides.yaml <<EOF --- conf: cinder: DEFAULT: osapi_volume_workers: 1 oslo_messaging_notifications: driver: noop cinder_api_uwsgi: uwsgi: processes: 1 threads: 1 EOF fi if [ ! -f "/etc/genestack/helm-configs/glance/glance-helm-overrides.yaml" ]; then cat > /etc/genestack/helm-configs/glance/glance-helm-overrides.yaml <<EOF conf: glance: oslo_messaging_notifications: driver: noop glance_api_uwsgi: uwsgi: processes: 1 volume: class_name: general size: 20Gi EOF fi if [ ! -f "/etc/genestack/helm-configs/gnocchi/gnocchi-helm-overrides.yaml" ]; then cat > /etc/genestack/helm-configs/gnocchi/gnocchi-helm-overrides.yaml <<EOF --- conf: gnocchi: metricd: workers: 1 gnocchi_api_wsgi: wsgi: processes: 1 threads: 1 EOF fi if [ ! -f "/etc/genestack/helm-configs/heat/heat-helm-overrides.yaml" ]; then cat > /etc/genestack/helm-configs/heat/heat-helm-overrides.yaml <<EOF --- conf: heat: DEFAULT: num_engine_workers: 1 heat_api: workers: 1 heat_api_cloudwatch: workers: 1 heat_api_cfn: workers: 1 oslo_messaging_notifications: driver: noop heat_api_cfn_uwsgi: uwsgi: processes: 1 threads: 1 heat_api_uwsgi: uwsgi: processes: 1 threads: 1 EOF fi if [ ! -f "/etc/genestack/helm-configs/keystone/keystone-helm-overrides.yaml" ]; then cat > /etc/genestack/helm-configs/keystone/keystone-helm-overrides.yaml <<EOF --- conf: keystone_api_wsgi: wsgi: processes: 1 threads: 1 keystone: oslo_messaging_notifications: driver: noop EOF fi if [ ! -f "/etc/genestack/helm-configs/magnum/magnum-helm-overrides.yaml" ]; then cat > /etc/genestack/helm-configs/neutron/neutron-helm-overrides.yaml <<EOF conf: neutron: DEFAULT: api_workers: 1 rpc_workers: 1 rpc_state_report_workers: 1 oslo_messaging_notifications: driver: noop EOF fi if [ ! -f "/etc/genestack/helm-configs/magnum/magnum-helm-overrides.yaml" ]; then cat > /etc/genestack/helm-configs/magnum/magnum-helm-overrides.yaml <<EOF conf: magnum_api_uwsgi: uwsgi: processes: 1 threads: 1 EOF fi if [ ! -f "/etc/genestack/helm-configs/nova/nova-helm-overrides.yaml" ]; then cat > /etc/genestack/helm-configs/nova/nova-helm-overrides.yaml <<EOF --- conf: nova: DEFAULT: osapi_compute_workers: 1 metadata_workers: 1 conductor: workers: 1 schedule: workers: 1 oslo_messaging_notifications: driver: noop nova_api_uwsgi: uwsgi: processes: 1 threads: 1 nova_metadata_uwsgi: uwsgi: processes: 1 threads: 1 EOF fi if [ ! -f "/etc/genestack/helm-configs/octavia/octavia-helm-overrides.yaml" ]; then cat > /etc/genestack/helm-configs/octavia/octavia-helm-overrides.yaml <<EOF --- conf: octavia: DEFAULT: debug: true oslo_messaging_notifications: driver: noop controller_worker: loadbalancer_topology: SINGLE workers: 1 octavia_api_uwsgi: uwsgi: processes: 1 threads: 1 EOF fi if [ ! -f "/etc/genestack/helm-configs/placement/placement-helm-overrides.yaml" ]; then cat > /etc/genestack/helm-configs/placement/placement-helm-overrides.yaml <<EOF --- conf: placement: oslo_messaging_notifications: driver: noop placement_api_uwsgi: uwsgi: processes: 1 threads: 1 EOF fi EOC # Run host and K8S setup ssh -o ForwardAgent=yes -o UserKnownHostsFile=/dev/null -t ${SSH_USERNAME}@${JUMP_HOST_VIP} <<EOC set -e if [ ! -f "/usr/local/bin/queue_max.sh" ]; then python3 -m venv ~/.venvs/genestack ~/.venvs/genestack/bin/pip install -r /opt/genestack/requirements.txt source /opt/genestack/scripts/genestack.rc ANSIBLE_SSH_PIPELINING=0 ansible-playbook /opt/genestack/ansible/playbooks/host-setup.yml --become -e host_required_kernel=\$(uname -r) fi if [ ! -d "/var/lib/kubelet" ]; then source /opt/genestack/scripts/genestack.rc cd /opt/genestack/submodules/kubespray ANSIBLE_SSH_PIPELINING=0 ansible-playbook cluster.yml --become fi sudo mkdir -p /opt/kube-plugins sudo chown \${USER}:\${USER} /opt/kube-plugins pushd /opt/kube-plugins if [ ! -f "/usr/local/bin/kubectl" ]; then curl -LO "https://dl.k8s.io/release/\$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl fi if [ ! -f "/usr/local/bin/kubectl-convert" ]; then curl -LO "https://dl.k8s.io/release/\$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl-convert" sudo install -o root -g root -m 0755 kubectl-convert /usr/local/bin/kubectl-convert fi if [ ! -f "/usr/local/bin/kubectl-ko" ]; then curl -LO https://raw.githubusercontent.com/kubeovn/kube-ovn/release-1.12/dist/images/kubectl-ko sudo install -o root -g root -m 0755 kubectl-ko /usr/local/bin/kubectl-ko fi popd EOC # Run Genestack Infrastucture/OpenStack Setup ssh -o ForwardAgent=yes -o UserKnownHostsFile=/dev/null -t ${SSH_USERNAME}@${JUMP_HOST_VIP} <<EOC set -e echo "Installing OpenStack Infrastructure" sudo LONGHORN_STORAGE_REPLICAS=1 \ GATEWAY_DOMAIN="${GATEWAY_DOMAIN}" \ ACME_EMAIL="${ACME_EMAIL}" \ HYPERCONVERGED=true \ /opt/genestack/bin/setup-infrastructure.sh echo "Installing OpenStack" sudo /opt/genestack/bin/setup-openstack.sh EOC # Run Genestack post setup ssh -o ForwardAgent=yes -o UserKnownHostsFile=/dev/null -t ${SSH_USERNAME}@${JUMP_HOST_VIP} <<EOC set -e sudo bash <<HERE sudo /opt/genestack/bin/setup-openstack-rc.sh source /opt/genestack/scripts/genestack.rc if ! openstack --os-cloud default flavor show ${LAB_NAME_PREFIX}-test; then openstack --os-cloud default flavor create ${LAB_NAME_PREFIX}-test \ --public \ --ram 2048 \ --disk 10 \ --vcpus 2 fi if ! openstack --os-cloud default network show flat; then openstack --os-cloud default network create \ --share \ --availability-zone-hint az1 \ --external \ --provider-network-type flat \ --provider-physical-network physnet1 \ flat fi if ! openstack --os-cloud default subnet show flat_subnet; then openstack --os-cloud default subnet create \ --subnet-range 192.168.102.0/24 \ --gateway 192.168.102.1 \ --dns-nameserver 1.1.1.1 \ --allocation-pool start=192.168.102.100,end=192.168.102.109 \ --dhcp \ --network flat \ flat_subnet fi HERE EOC echo "The lab is now ready for use and took ${SECONDS} seconds to complete." echo "This is the jump host address ${JUMP_HOST_VIP}, write this down." echo "This is the VIP address internally ${METAL_LB_IP} with public address ${METAL_LB_VIP} within MetalLB, write this down."