Actions
Task #12340
openEvaluate openstack helm charts
Start date:
01/06/2024
Due date:
% Done:
0%
Estimated time:
PM Check date:
Description
Objective¶
- Find out whether we can run openstack with it in our IPv6 only clusters
Summary¶
- Seems to be very fragile / unfinished status
- Charts are distributed in 2 repositories
- No released charts so far, cannot just run helm upgrade --install against a chart repo
- A lot of distributed files in the repos
- ceph-adaptor seems to be IPv4 based (splitting address on dots)
- Might be possible to build on top of it, but might need quite some involvement
Progress¶
- Try to stick to "in order setup"
- But when one item is blocked, setup other components that might crash due to missing dependencies
Base documentation¶
- https://docs.openstack.org/openstack-helm/latest/
- Related tools from our side: https://code.ungleich.ch/ungleich-public/ungleich-tools/src/branch/master/openstack
Communication¶
- IRC via matrix: https://matrix.ungleich.ch/#/room/#_oftc_openstack-helm:matrix.org
- Slack: https://app.slack.com/client/T09NY5SBT/C3WERB7DE
Components¶
- https://docs.openstack.org/openstack-helm/latest/install/deploy_openstack_backend.html
- https://docs.openstack.org/openstack-helm/latest/install/deploy_openstack.html
OpenStack client¶
- Is installed on the local machine
- Installs some python and creates a config file
- Installs python packages as root / using pip
- cmd2 python-openstackclient python-heatclient
Ceph¶
./tools/deployment/ceph/ceph-rook.sh- setups up rook in rook-ceph namespace
- also saw ceph namespace somewhere
- ceph cluster is put into ceph namespace
- operator is in rook-ceph
- sets min_size=1 for testing
- uses loop devices
./tools/deployment/ceph/ceph-adapter-rook.sh- builds a helm chart first: /home/nico/osh/openstack-helm-infra/ceph-adapter-rook-0.1.0.tgz
- maybe can reference the chart directly from the git repo
- There is also ./tools/deployment/ceph/ceph.sh, not sure for what, not mentioned in doc
Ingress¶
- for outside reachability, as usual
rabbitmq¶
MariaDB¶
Memcached¶
Keystone¶
- Identity management
- ./tools/deployment/component/keystone/keystone.sh
Heat¶
- Templating / infra
- Unclear
- ./tools/deployment/component/heat/heat.sh
Glance¶
- Image service
- ./tools/deployment/component/glance/glance.sh
Placement, Nova, Neutron¶
- OpenStack Nova is the compute service
- Neutron is the networking service
- Using openswitch, probably in hostnetwork mode (guess)
cd ~/osh/openstack-helm ./tools/deployment/component/compute-kit/openvswitch.sh ./tools/deployment/component/compute-kit/libvirt.sh ./tools/deployment/component/compute-kit/compute-kit.sh
Cinder¶
- block storage service
- probably interacts with ceph
- not sure yet how/where the monitor is set, might be in the rook step
cd ~/osh/openstack-helm ./tools/deployment/component/cinder/cinder.sh
Image management (ceph?)¶
- Should be able to use thin provisioning
Updated by Nico Schottelius 11 months ago
- Description updated (diff)
- Status changed from Seen to In Progress
Updated by Nico Schottelius 11 months ago
- Description updated (diff)
setup / steps¶
mkdir ~/osh cd ~/osh git clone https://opendev.org/openstack/openstack-helm.git git clone https://opendev.org/openstack/openstack-helm-infra.git
export OPENSTACK_RELEASE=2023.2 export CONTAINER_DISTRO_NAME=ubuntu export CONTAINER_DISTRO_VERSION=jammy
Prepare the cluster¶
[16:20] nb3:openstack-helm% cat ./tools/deployment/common/prepare-k8s.sh
#!/bin/bash
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -ex
# Add labels to the core namespaces & nodes
kubectl label --overwrite namespace default name=default
kubectl label --overwrite namespace kube-system name=kube-system
kubectl label --overwrite namespace kube-public name=kube-public
kubectl label --overwrite nodes --all openstack-control-plane=enabled
kubectl label --overwrite nodes --all openstack-compute-node=enabled
kubectl label --overwrite nodes --all openvswitch=enabled
kubectl label --overwrite nodes --all linuxbridge=enabled
kubectl label --overwrite nodes --all ceph-mon=enabled
kubectl label --overwrite nodes --all ceph-osd=enabled
kubectl label --overwrite nodes --all ceph-mds=enabled
kubectl label --overwrite nodes --all ceph-rgw=enabled
kubectl label --overwrite nodes --all ceph-mgr=enabled
# We deploy l3 agent only on the node where we run test scripts.
# In this case virtual router will be created only on this node
# and we don't need L2 overlay (will be implemented later).
kubectl label --overwrite nodes -l "node-role.kubernetes.io/control-plane" l3-agent=enabled
kubectl label --overwrite nodes -l "node-role.kubernetes.io/control-plane" openstack-network-node=enabled
for NAMESPACE in ceph openstack osh-infra; do
tee /tmp/${NAMESPACE}-ns.yaml << EOF
apiVersion: v1
kind: Namespace
metadata:
labels:
kubernetes.io/metadata.name: ${NAMESPACE}
name: ${NAMESPACE}
name: ${NAMESPACE}
EOF
kubectl apply -f /tmp/${NAMESPACE}-ns.yaml
done
make all
Updated by Nico Schottelius 11 months ago
Setup ceph (in progress)¶
- https://docs.openstack.org/openstack-helm/latest/install/deploy_ceph.html
- already done before
- Need to check the difference
- scripts
- ./tools/deployment/ceph/ceph-rook.sh
- ./tools/deployment/ceph/ceph-adapter-rook.sh
- Findings
- installs rook in ceph namespace
- creates a cluster
- Deploys a new svc that matches on all ceph monitors
Updated by Nico Schottelius 11 months ago
Setup openstack client (TBD)¶
- https://docs.openstack.org/openstack-helm/latest/install/setup_openstack_client.html
- Creating /etc/openstack and installing python
Updated by Nico Schottelius 11 months ago
- Project changed from 45 to Open Infrastructure
Marked ticket public for public review
Updated by Nico Schottelius 11 months ago
- Related to Task #12339: Evaluate yaaok for openstack in k8s added
Actions