Bifrost

De TeriaHowto
Sauter à la navigation Sauter à la recherche

" The mission of Bifrost is to provide an easy path to deploy ironic in a stand-alone fashion "

Installation

There are different ways to deploy Bifrost (cf https://docs.openstack.org/bifrost/latest/install/index.html) but the easiest (I think) is through to a dedicated (pre-built) container.

docker pull quay.io/openstack.kolla/bifrost-deploy:zed-rocky-9

docker run -it --net=host -v /dev:/dev -d \
--privileged --name bifrost_deploy \
quay.io/openstack.kolla/bifrost-deploy:zed-rocky-9

docker exec -it bifrost_deploy bash

Within the container :

mkdir -p /etc/bifrost
cat > /etc/bifrost/bifrost.yml << EOF
ansible_python_interpreter: /var/lib/kolla/venv/bin/python
enabled_hardware_types: ipmi,redfish
enabled_deploy_interfaces: direct,ramdisk,anaconda
cleaning: false
network_interface: ens3
mysql_username: root
mysql_password:
create_image_via_dib: false
dib_image_type: vm
create_ipa_image: false
dnsmasq_router: <@IP_router>
dnsmasq_dns_servers: <@IP_nameserver>
dnsmasq_ntp_servers: <@IP_ntp_server>
use_firewalld: false
default_boot_mode: bios
dhcp_pool_start: <@IP_dhcp_pool_start>
dhcp_pool_end: <@IP_dhcp_pool_end>
dhcp_lease_time: 12h
dhcp_static_mask: <netmastk>
EOF

cd /bifrost/playbooks
ansible-playbook -vvvv \
-i /bifrost/playbooks/inventory/target \
/bifrost/playbooks/install.yaml \
-e @/etc/bifrost/bifrost.yml \
-e skip_package_install=true

A few points of attention :

  • network_interface is the network interface of the host running the container
  • create_ipa_image is set to false in order to use pre-build IPA (Ironic Python Agent) kernel / initramfs
  • use_firewalld is set here to false because it prevents accessing the host with SSH by default ...

Enroll node(s)

To enroll one or several nodes, an inventory is used.

cd /bifrost/playbooks
export OS_CLOUD=bifrost
export BIFROST_INVENTORY_SOURCE=/tmp/baremetal.json
ansible-playbook -vvvv -i inventory/ enroll-dynamic.yaml


Some examples of /tmp/baremetal.json are given below.

The IPMI way

With a cloud image (Almalinux 8.7) and cloud-init

Create a JSON file (e.g. /tmp/baremetal.json) :

{
    "baremetal1": {
      "name": "baremetal1",
      "driver": "ipmi",
      "driver_info": {
        "ipmi_address": "<@IP_IPMI_BMC>",
        "ipmi_port": "<PORT_IPMI_BMC>",
        "ipmi_username": "<USER_IPMI_BMC>",
        "ipmi_password": "<PASSWORD_IPMI_BMC>",
      },
      "ipv4_address": "<@IP_node>",
      "ipv4_subnet_mask": "<netmask_node>",
      "ipv4_gateway": "<@IP_router>",
      "ipv4_nameserver": "<@IP_nameserver>",
      "inventory_dhcp": true,
      "nics": [
        {
          "mac": "<@MAC>"
        }
      ],
      "properties": {
        "cpu_arch": "x86_64"
      },
      "instance_info": {
        "image_source": "https://repo.almalinux.org/almalinux/8/cloud/x86_64/images/AlmaLinux-8-GenericCloud-8.7-20221111.x86_64.qcow2",
        "image_checksum": "b2b8c7fd3b6869362f3f8ed47549c804",
        "configdrive": {
          "meta_data": {
            "public_keys": {"0": "<SSH_PUBLIC_KEY_CONTENT>"},
            "hostname": "baremetal1.domain.ld"
          },
          "user_data": "#cloud-config\npackage_update: true\npackage_upgrade: true\npackages:\n  - git\n  - httpd\n"
        }
      }
    }
}

To generate user_data, this example could help :

cat > /tmp/cloud << EOF 
#cloud-config
package_update: true
package_upgrade: true
packages:
  - git
  - httpd
EOF
jq -Rs '.' /tmp/cloud
rm -f /tmp/cloud

ipv4_address, ipv4_subnet_mask, ipv4_gateway, ipv4_nameserver, inventory_dhcp are only useful if a static IP configuration is required.

With anaconda (and kickstart)

Create a JSON file (e.g. /tmp/baremetal.json) :

{
    "baremetal1": {
      "name": "baremetal1",
      "driver": "ipmi",
      "driver_info": {
        "ipmi_address": "<@IP_IPMI_BMC>",
        "ipmi_port": "<PORT_IPMI_BMC>",
        "ipmi_username": "<USER_IPMI_BMC>",
        "ipmi_password": "<PASSWORD_IPMI_BMC>",
      },
      "ipv4_address": "<@IP_node>",
      "ipv4_subnet_mask": "<netmask_node>",
      "ipv4_gateway": "<@IP_router>",
      "ipv4_nameserver": "<@IP_nameserver>",
      "inventory_dhcp": true,
      "nics": [
        {
          "mac": "<@MAC>"
        }
      ],
      "properties": {
        "cpu_arch": "x86_64"
      },
      "instance_info": {
        "image_source": "http://mirror.rackspeed.de/almalinux/8/BaseOS/x86_64/os/",
        "kernel": "http://mirror.rackspeed.de/almalinux/8/BaseOS/x86_64/os/images/pxeboot/vmlinuz",
        "ramdisk": "http://mirror.rackspeed.de/almalinux/8/BaseOS/x86_64/os/images/pxeboot/initrd.img",
        "ks_template": "<kickstart_URL>" 
      }
    }
}

ks_template is an URL pointing to a kickstart which must respect mandatory sections (cf https://opendev.org/openstack/ironic/src/branch/master/ironic/drivers/modules/ks.cfg.template)

The Redfish way