Cookbook for deploying OpenStack at the OSUOSL
- OpenStack Train release
- AlmaLinux 8
This cookbook utilizes kitchen-terraform to test deploying various parts of this cookbook in multiple nodes, similar to that in production.
- Chef/Cinc Workstation
- Terraform
- kitchen-terraform
- OpenStack cluster
Ensure you have the following in your .bashrc
(or similar):
export TF_VAR_ssh_key_name="$OS_SSH_KEYPAIR"
- Chef-zero node acting as a Chef Server
- Database node
- Ceph node
- Controller node (MQ, Neutron, public apis, web interface, etc)
- Compute node (also includes Cinder volume service)
First, generate some keys for chef-zero and then simply run the following suite.
# Only need to run this once
$ chef exec rake create_key
$ KITCHEN_YAML=kitchen.multi-node.yml kitchen test multi-node
If you want to test multi-regions, you need to do the following instead:
$ export TF_VAR_region2=1
$ KITCHEN_YAML=kitchen.multi-node.yml kitchen test multi-node
Be patient as this will take a while to converge all of the nodes (approximately 40 minutes).
Unfortunately, kitchen-terraform doesn't support using kitchen console
so you will need to log into the nodes
manually. To see what their IP addresses are, just run terraform output
which will output all of the IPs.
# You can run the following commands to login to each node
$ ssh almalinux@$(terraform output controller)
$ ssh almalinux@$(terraform output compute)
# If you're testing multi-regions
$ ssh almalinux@$(terraform output controller_region2)
$ ssh almalinux@$(terraform output compute_region2)
# Or you can look at the IPs for all for all of the nodes at once
$ terraform output
All of these nodes are configured using a Chef Server which is a container running chef-zero. You can interact with the chef-zero server by doing the following:
$ CHEF_SERVER="$(terraform output chef_zero)" knife node list -c test/chef-config/knife.rb
controller
compute
$ CHEF_SERVER="$(terraform output chef_zero)" knife node edit -c test/chef-config/knife.rb
In addition, on any node that has been deployed, you can re-run cinc-client
like you normally would on a production
system. This should allow you to do development on your multi-node environment as needed. Just make sure you include
the knife config otherwise you will be interacting with our production chef server!
You do not need to use kitchen-terraform directly if you're just doing development. It's primarily useful for testing the multi-node cluster using inspec. You can simply deploy the cluster using terraform directly by doing the following:
# Sanity check
$ terraform plan
# Deploy the cluster
$ terraform apply
# Destroy the cluster
$ terraform destroy
# To remove all the nodes and start again, run the following test-kitchen command.
$ kitchen destroy multi-node
# To refresh all the cookbooks, use the following command.
$ CHEF_SERVER="$(terraform output chef_zero)" chef exec rake knife_upload
- Fork the repository on Github
- Create a named feature branch (i.e.
add-new-recipe
) - Write you change
- Write tests for your change (if applicable)
- Run the tests, ensuring they all pass
- Submit a Pull Request
Author:: Oregon State University (chef@osuosl.org)